Google Starts Blocking Sideloading of Potentially Dangerous Android Apps in Singapore
8.2.24  OS  The Hacker News

Google has unveiled a new pilot program in Singapore that aims to prevent users from sideloading certain apps that abuse Android app permissions to read one-time passwords and gather sensitive data.

"This enhanced fraud protection will analyze and automatically block the installation of apps that may use sensitive runtime permissions frequently abused for financial fraud when the user attempts to install the app from an Internet-sideloading source (web browsers, messaging apps or file managers)," the company said.

The feature is designed to examine the permissions declared by a third-party app in real-time and look for those that seek to gain access to sensitive permissions associated with reading SMS messages, deciphering or dismissing notifications from legitimate apps, and accessibility services that have been routinely abused by Android-based malware for extracting valuable information.

As part of the test, users in Singapore who attempt to sideload such apps (or APK files) will be blocked from doing so via Google Play Protect and displayed a pop-up message that reads: "This app can request access to sensitive data. This can increase the risk of identity theft or financial fraud."

"These permissions are frequently abused by fraudsters to intercept one-time passwords via SMS or notifications, as well as spy on-screen content," Eugene Liderman, director of the mobile security strategy at Google, said.

The change is part of a collaborative effort to combat mobile fraud, the tech giant said, urging app developers to follow best practices and review their apps' device permissions to ensure it does not violate the Mobile Unwanted Software principles.


Google, which launched Google Play Protect real-time scanning at the code level to detect novel Android malware in select markets like India, Thailand, Singapore, and Brazil, said the effort allowed it to detect 515,000 new malicious apps and that it issued no less than 3.1 million warnings or blocks of those apps.

The development also comes as Apple announced sweeping changes to the App Store in the European Union to comply with the Digital Markets Act (DMA) ahead of the March 6, 2024, deadline. The changes, including Notarization for iOS apps, are expected to go live with iOS 17.4.

The iPhone maker, however, repeatedly emphasized that distributing iOS apps from alternative app marketplaces exposes E.U. users to "increased privacy and security threats," and that it does not intend to bring them to other regions.

"This includes new avenues for malware, fraud and scams, illicit and harmful content, and other privacy and security threats," Apple said. "These changes also compromise Apple's ability to detect, prevent, and take action against malicious apps on iOS and to support users impacted by issues with apps downloaded outside of the App Store."