Most people know Google Play Protect works, by default, whether or not you have a Google Account by scanning all the apps every day (even if they are not installed off the Google Play Store) once a day - and also scanning
every app (even if it's not installed off the Google Play Store) at the
time of installation of that app (no matter how it's installed).
But neither of those two scans were real time in terms of app execution. Until now...
https://www.droid-life.com/2023/10/20/spot-malicious-apps-with-google-play-protects-real-time-app-scanning/
Google Play Protect is getting real-time app scanning, utilizing on-device machine learning and similarity comparisons to ensure apps users are trying to install don't contain malicious code.
Said to be available as part of Google Play Store version 37.5 which was broken down by our friend Mishaal Rahman, "Real-time app scanning will help combat malicious polymorphic apps that change their identifiable features
to avoid detection."
The software will extract important "signals" from the app and then send
them to the Play Protect backend for code-level evaluation. After the analysis is done, users will then get a result letting them know if the app appears safe to install or is potentially harmful. You can see what they warning looks like above in the header image.
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 297 |
Nodes: | 16 (2 / 14) |
Uptime: | 08:30:53 |
Calls: | 6,666 |
Files: | 12,213 |
Messages: | 5,336,200 |