The local scanning performed by Google Play Protection for apps downloaded outside the official Android store may soon receive improvements. As revealed by Android Authority This Monday (8), the security feature will be able to: Detect much more malware.
This will happen thanks to YARA model integration with Play Protect native APK scanningCodes were found in the latest version of the Play Store, v41.7.16, indicating increased protection against a wider range of digital threats.
Focusing primarily on broader malware families rather than individual malicious files, YARA can detect common code instead of a full hashTraditionally, tools that perform this job look for an exact hash match and allow the malicious file to modify itself to evade scanning.
WOUND like this efficiently detect a much larger malware network through an approach to creating a family definition. According to the report, this functionality can be added to Google Play Protect to strengthen the protection of Android devices.
Local APK analysis
The feature of scanning apps obtained from unofficial sources locally was implemented by Google last year. With the mechanism, There is no need to upload and send suspicious software to the company for analysis.maintaining threat scanning from a server-side model.
With the integration of the YARA tool, the functionality can become even more effective in searching for malware that puts the device at risk and help the user stay virus-free when downloading APKs. Despite the improvements, It’s worth remembering that cloud-based scanning is still the best option.
Source: Tec Mundo
I am a passionate and hardworking journalist with an eye for detail. I specialize in the field of news reporting, and have been writing for Gadget Onus, a renowned online news site, since 2019. As the author of their Hot News section, I’m proud to be at the forefront of today’s headlines and current affairs.
