When it comes to older apps that you don’t use anymore, do you uninstall them from your phones or do you leave them installed on the off chance that they might come in handy one day? In some cases, the developers of these apps might have dropped support for them, and Google might have removed these titles from the Play Store. If you weren’t informed about any of these actions, you could end up with these apps and their icons remaining on your device, creating a security risk.
Google will soon inform Android users when an app they installed has lost developer support
Currently, Android users are only warned via Play Protect when a serious security threat forces Google to remove an app from the Play Store or to label it a “potentially harmful app.” When an app is removed from the Android app storefront by a developer, no warning or notification is issued.
Google Play Protect scans your apps every day and also scans your device when you install a new app via the Play Store or by sideloading it.
The hidden strings of code all have something in common
The only way you might find out whether an app you have installed has been delisted from the Play Store would be if you read about it in PhoneArena or tried to install it on a new phone. But as noted earlier in this article, this might be about to change.
The strings of code that were found in the latest version of the Play Store say:
- webp was removed from Google Play and will no longer receive updates.
- webp and %2$d other apps were removed from Google Play and will no longer receive updates.
- webp and type=”image/webp” were removed from Google Play and will no longer receive updates.
At that point, Android users can determine whether they want to keep the apps on their phones or uninstall them.
Screenshot of the Google Play Store. | Image by PhoneArena
Abandoned apps, when they stay on your phone, can be a security risk
The problem is that these apps, which turn Android devices into a remote mouse and keyboard, all contain critical remote code execution (RCE) vulnerabilities. This is a major issue because an attacker can steal data (including personal data), install malware, and more.
Even though these apps are abandoned by the developers, if they haven’t been uninstalled from your phone, they are still unpatched and offer attackers a way to get into your devices and grab your personal information. If you’re wondering how this fits with Google’s new feature, it is quite simple.
Why Google created the new warning about abandoned apps
By sending a notification to Android users telling them that apps they still have installed on their phones no longer receive support, it might give them incentive to delete the apps. Remember, these apps can be used by bad actors to access personal information, including credentials used by device owners to access their financial apps.
