Android Jellybean to scan apps for malware, and warn of expensive SMS scams

Last month, Naked Security uncovered evidence that Google was planning to start scanning Android apps for malware on users’ smartphones.


Google has now confirmed that the functionality will be coming to the next version of Android (4.2, also known as Jelly Bean).

In a recent interview with Computerworld, Android’s VP of Engineering explained that in the next version of the operating system, it will be possible to scan any apps that are installed from third-party marketplaces.


Hiroshi Lockheimer told JR Raphael that the first time apps are installed from anywhere other than the official Google Play store, Android will display a message asking the user if they want the app to be checked for “harmful behavior”.


So, what happens when you tell Google that you want it to check the apps that you install on your Android phone?

Well, by the sound of things, your Android smartphone will send identifying information about the app (the equivalent of a signature) up to Google’s servers. There Google will check to see if it is a known legitimate app that has already been whitelisted, or determine if it is a known sample of Android malware (and prevent you from installing it).

Of course, it’s very possible that Google won’t have seen the app before – in which case it will be the user’s decision whether to proceed with the installation.

Lockheimer told Computerworld:

"We have a catalog of 700,000 applications in the Play Store, and beyond that, we're always scanning stuff on the Web in terms of APKs that are appearing. We have a pretty good understanding of the app ecosystem now, whether something's in the Play Store or not."

It’s good that Google is trying to do more to protect Android users from malware, as in the past their attitude towards the problem has been what some would describe as reckless.

For instance, a year ago, Google’s open-source programs manager, Chris DiBona, described anti-virus vendors as “charlatans and scammers”, saying that anyone who worked for a company selling virus protection for Android should be “ashamed” of themselves.

Well, it sounds like Google are kinda providing virus protection for Android users now.. :)

It’s a good thing that Google has definitely woken up to the threat of malware on Android devices.

Their own attempts to keep malware out of the official Android app store (named “Google Play”) have met with varying levels of success.

And it’s clear that cybercriminals have frequently used third party marketplaces to distribute Android malware – including fake versions of Instagram, and Angry Birds.

How good Google’s virus-checking will turn out to be remains to be seen, and it relies upon users opting into the service.

If you’re worried about Android malware, you may wish to try out Sophos’s free anti-virus for Android for an independent point of view.

In related news, Computerworld reports that Android 4.2 will alert users whenever an app attempts to send an SMS text message that could cost you money.

As so much Android malware relies upon SMS messages to earn revenue for its authors, anything which alerts users to the potential for mischief has to be good news.



Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky, Mastodon, and Threads, or drop him an email.
