In order to block, or at least limit, the many financial scams in the environment Android, Google recently launched a new app audit program.
Specifically, it is a plan that blocks the sideloading of certain apps and which is currently being tested in the territory of Singapore. The IT giant is trying to block apps external to its store that abuse Android permissions and “intercept” one-time password and similar.
This modus operandi, in fact, seems to be the favorite of cybercriminals who, precisely in the Asian context, are causing a huge number of victims with various malware campaigns.
The project was developed in collaboration with Cyber Security Agency di Singapore (CSA) and, in the event of positive tests, it could soon be offered in other territories as well.
In a statement on Google’s official blog, it is explained how beyond the 95% of malware affects apps installed through sideloading sources, demonstrating how this type of channel is far more dangerous than Google Play.
How does the new method to block sideloading apps work?
As explained by the Mountain View giant, when a Singaporean user tries to install an app that has “suspicious” permissions, Android will block it with a pop-up message that reads a phrase similar to: “This app may request access to sensitive data. This can increase the risk of identity theft or financial fraud“.
The function works by inspecting in real time the permissions that are requested by a newly installed app, focusing on four of them such as:
- receiving SMS;
- reading SMS;
- accessibility service;
- notifications.
As already mentioned, online scams in the Asian country are a real plague, with an increase in 25,2% of cases in 2022with a clear prevalence of phishing ed Fraudulent e-Commerce.
This deluge of cases has pushed Singapore banks to mass-provision systems kill-switch able to its customers to immediately block their account in the event of anomalous behavior of their smartphone.