CSA works with Google to block sideloading of potentially risky Android apps
ANDROID users in Singapore will be blocked from sideloading apps with certain sensitive permissions, as a new feature is piloted and progressively rolled out over the next few weeks.
On Wednesday (Feb 7), Google said it worked with the Cyber Security Agency of Singapore (CSA) to create the feature to protect users when they attempt to install potentially risky apps.
Users have been targeted and lured into downloading such apps from Internet-sideloading sources such as web browsers, messaging apps and file managers. Sideloading refers to the act of downloading and installing apps outside of official app stores, such as the Google Play Store.
The new feature will block apps with four sensitive permissions that allow it to read SMSes, receive SMSes, use the accessibility service and listen to a user’s notifications. The accessibility service can give malicious apps the ability to simulate touching a phone’s screen, giving it access to the contents on the screen.
“Based on our analysis of major fraud malware families that exploit these sensitive runtime permissions, we found that over 95 per cent of installations came from Internet-sideloading sources,” Google said.
It added that it will continue to support CSA by assisting with malware detection and analysis, sharing malware insights and techniques, and creating user and developer education resources.
GET BT IN YOUR INBOX DAILY
Start and end each day with the latest news stories and analyses delivered straight to your inbox.
CSA deputy chief executive Chua Kuan Seah said the partnership with players such as Google is part of the regulator’s efforts to stay ahead of cybercriminals as they refine their methods.
Since August last year, banks also implemented anti-malware measures. These measures usually restrict customer access to mobile apps if screen-sharing or screen-mirroring is happening while the apps are accessed.
In its mid-year statistics for scam and cybercrime cases, the Singapore Police Force said there were at least 750 cases of Android users falling prey to malware scams in the first half of 2023. Of these, 11 had unauthorised withdrawals made from their Central Provident Fund savings.
KEYWORDS IN THIS ARTICLE
BT is now on Telegram!
For daily updates on weekdays and specially selected content for the weekend. Subscribe to t.me/BizTimes
Companies & Markets
Google, US clash over search advertising as trial winds down
Apple rallies most in 18 months on upbeat forecast, buyback
US: Wall St opens sharply higher on soft jobs data
HSBC has no plans to dispose of further businesses, chairman says
Glencore Group nears deal for Shell’s Singapore oil refinery
Chinese share of French EV market slumps after incentives curbed