Google introduced a new feature called Bouncer to keep malicious apps from Google Play Store. Bouncer automatically scans malicious apps in Play Store and developer accounts for finding something suspicious in them.
It does scanning with the help of reputation engine and cloud infrastructure.
But as every other security feature has some flaws in it, Bouncer too has a critical which is that it can be fingerprinted. Bouncer uses QUME software that can emulate hardware platforms. Bouncer only does dynamic analysis.
Due to all these security loopholes in Bouncer many of the attacks can bypass Google Play Store's security check. Attacks such as Delayed attack, Update attack, etc are used to bypass Play Store's security check.
Delayed Attack: In this attack the application contains malicious payloads that looks legitimate when running in Bouncer. After it gets into the user's device, it is only then that the payloads gets activated at runtime.
Update Attack: In this attack, no malicious payload need to be included in Bouncer's detection but can download contents from it's remote command & control center (C&C) to upload stolen data or receive further commands.
Study Material
Quiz