This article originally appeared in Journal of Cyber Policy on August 5, 2018.
Google pulled 145 apps from the Play Store after discovering they were laden with malware intended for Windows machines. With the majority of the infected apps released to Google Play between October 2017 and November 2017, many have been lurking in the app store for over six months. Read Full Article Here: Malicious Android apps infected with Windows keyloggers pulled from Google Play | ZDNet
Chris Olson, CEO of The Media Trust The Media Trust, provided the following comments:
“Google’s decision to remove the malicious apps from its store sends out a strong message that they want to be good digital citizens and set better standards for the apps they want to feature.
Companies should take heed of growing consumer wariness with breaches and data leakage and stay compliant with a growing number of consumer privacy laws like the EU’s GDPR, Canada’s PIPEDA, and the California Consumer Privacy Act, which restricts what data companies can collect, what they can do with the data, and whom they can share it with.
Google, ever under growing scrutiny by the public and regulators, wants nothing to do with malicious actors and infected products. But other companies, regardless of their size, should pay attention. In France, regulators made examples of two start-ups that violated regulations.
To succeed in this increasingly regulated environment, companies will need to put together a robust digital vendor risk management program that will enable them to pay close attention to their direct and indirect digital third parties’ activities, ensure they align with policies, and terminate them when they don’t.”