Something hilarious happened on playstore recently and the incident flashed a tactical torchlight on a glitch that has been existing on Google’s playstore for a very long time.
First of all, before I continue let me make something straight, this is how it’s supposed to be on Google’ playstor; an App that’s downloaded from an app store owned by the big “G” should be safe and malware free right? We all believe Google should have put in place several tough screening and malware filtering mediums to stop developers from publishing malware infested apps on play store, but the reverse is the case, several apps on playstore are junks and when downloaded will cluster your phone with malware to the extent that you are left with no caption than to flash another ROM onto your phone. I have been through such an experience and it wasn’t funny at all.
The incident that brought this topic up happened recently – when an avid android user took to Twitter to announce what he discovered.
According to John Wu whose twitter handle is @topjohnwu, Magisk app that’s supposed to be rooting app was on Google’s playstore. Normally, Google won’t allow an app such as Magisk App on their store because it is a “rooting app” how did the app get there?
How did the app pass through the revered screening and filtering mechanism Google has put in place to shade out Apps that failed their TOC from being published on the platform?
The magisk App could only be downloaded legitimately from their official XDAdevelopers thread, the link there will take you to their main website or something like that. But seeing the app on playstore struck up attention.
John Wo downloaded the App and noticed that the App malware ladened app; lying silently under the camouflaged name “MAgisk” and waiting for smartphones to prey on.
John Wo took to twitter Asap to announce his discovery.
Several e people took note of it and got it trending on Twitter. Google had to put down the App immediately.
But the truth is, there are still so many apps like that on playstore and the question still remains, how did they get there?
A few days back, a WhatsApp clone was spotted on playstore, so many people fell for the trap and I believe they got their Butts whipped hard with the malware their smartphones will be infection with.
It’s worth noting that Google has a weak content filtering system working on play store and while Apple makes Apps pass through real human reviews before they are approved to be published on Apple store, Google relies on software which use algorithms which follow the rules they’ve set.
The software checks for malicious codes in apps before allowing them to be published by the developer. Sometimes this software misses out on things, sometimes it can only detect when an app has some hidden codes to extract users’ information and sometimes the developers behind these apps study the algorithm the software uses and finds a way to make their malicious codes invisible to the software.
If Google can change their strategy and use more of human labor to review apps while not relying more on software with pre-determined algorithms, the playstore might be a little bit safer for our smartphones to download apps from.