Do you use an android antivirus app? A new report has come out to show that two-thirds of all these apps don’t work as advertised – they’re all frauds.
AV-Comparatives, the Austrian company that published the report specialize in conducting tests on antivirus apps showed the vulnerable state of Android security in terms of antivirus apps.
The company tested 250 apps and only 80 passed the basic test. The company installed the app, automated the phone to open a browser, download a malicious app and then install it.
They repeated this whole process 2000 times testing with 2000 strains of Android malware to see if the antivirus app companies had indexed all these and more malware strains.
Here’s why you should be worried
Most of these apps didn’t even scan the malicious apps they were downloading. All they did was check their package names instead of code. This whitelist/blacklist method is so bad that the antivirus app detected the user’s default app as malicious if they didn’t include the package name in its whitelist.
Over 100,000 people are protected by this fake Antivirus.
It flags @signalapp and @PayPal as apps with high risk.
Use only trustworthy AV, not this garbage that after scan makes you uninstall almost all of your apps because its nonsense detection rules. pic.twitter.com/iy5L8fscOG— Lukas Stefanko (@LukasStefanko) November 28, 2018
These apps even detected themselves as malicious.
Would you use AntiVirus that detect itself as risky app?
This Fake Antivirus 2019 uses only blacklist & whitelist for package names of apps + permissions check. Still forget to whitelist itself. pic.twitter.com/CdvlPkGPvL
— Lukas Stefanko (@LukasStefanko) November 28, 2018
Malicious strain bypassed this detection simply by changing their package name to something less suspicious like “com.adobe.[random_text]”
Only 80 apps detected more than 30% of the malware the company tested the apps with. AV-Comparatives took the 30% detection mark with zero positives as the threshold between legit apps and the sham ones that are unsafe and ineffective – so that leaves the 170 others to be fraud apps.
Fake antivirus – 𝐒𝐝 𝐂𝐚𝐫𝐝 𝐕𝐢𝐫𝐮𝐬 𝐒𝐜𝐚𝐧𝐧𝐞𝐫 – has over 10K installs but isn't scanning any files for malware.
Instead of scanning files, it sets 10 millisecond time delay on each file to impersonate file scan functionality. #DiscloseApp pic.twitter.com/cf7Jj3BVA3
— Lukas Stefanko (@LukasStefanko) September 13, 2018
Many of these apps are created with the same developer making some of them have a similar interface instead of showing a fully running malware scanner. Others are developed for ad purposes especially the free ones. Most of them haven’t even upgraded to Android Oreo making the phones that have downloaded the apps vulnerable to attacks.
Is the app you’re using right now a malicious one, check it here.
What to do now?
Use common sense plus this handy list we created for you. Google Play Protect that is inbuilt on the phone will just do okay protecting your phone against malware.
Only 23 of these apps detected 100% of the malware strains tested.
Here are a few of the apps you can download if you’re still paranoid: McAfee Mobile Security(freemium), Bitdefender Mobile Security and Antivirus(paid), Kaspersky Internet Security for Android(freemium), Norton Security and Antivirus(paid), Sophos Mobile Security(free), Trend Micro Mobile Security and Antivirus(paid), Malwarebytes Anti-Malware(free), Avast Antivirus & Security(free), AVG Antivirus Security(free) and Lookout(freemium).
If you still have to download an antivirus app, be cautious of what you’re getting into. Most of them reduce the efficiency of your phone, consume a lot of battery, annoy you with notifications and take up a lot of your storage.