ABDKDo you use any antivirus android app to secure yourself from malware and viruses? Read to find out how most of android antivirus apps work and to your surprise the majority of them don’t even do anything, for instance one AV just adds a millisecond delay on each file you have thus people think it is scanning them, while in reality it is doing nothing. Check out if your AV is in the 100% detection list as shared below.
In a report released this week, an organization that specializes in antivirus testing concluded that approximately two – thirds of all Android Antivirus apps are bogus.
This report, released by AV-Comparatives, was produced in a challenging test process in January this year, during which staff examined 250 Android antivirus apps, available on the Google Play Store.
It shows the dire situation of the Android antivirus industry, which appears to be filled with more bogus than actual cyber security providers.
40% Android AV Apps could detect 30% Malware
Of the 250 applications tested, only 80 detected over 30 percent of the malware they threw in each app during individual testing. The AV-Comparatives team said.
The tests were not complicated at all. Researchers have installed every antivirus application to a separate device and automated it to open a browser, download and then install a malicious app.
The test has been done 2000 times for every app and the test device downloaded 2000 of the most common malware on Android in the wild last year – so all antivirus applications should already be indexed for such strains since a long time ago.
Do Apps Scan for Malware
This fundamental assumption did not, however, reflect results. AV-Comparative employees said that several antivirus apps didn’t scan user applications, but just looked at packages instead of the code and used the whitelist/blacklist.
Some antivirus applications would consider malicious any app that has been installed on a user’s phone if the name of the app wasn’t listed in its whitelist. For that reason, some anti-virus applications are malicious when app authors have forgotten their package names.
On other occasions, certain antivirus apps are using wildcards, including “com.adobe.*.” In their whitelist.
In this case, all the malware strain needed to be used to bypass scans on dozens of Android antivirus products using a package name “com.adobe.[random text ].”
Fake Antivirus Apps
The organization said that the 30 percent (with zero false positives) detection mark was regarded as a threshold between legitimate antiviral apps and those it considered to be ineffective or quite uncertain.
This means 170 of the 250 Android antivirus applications failed the most basic detection testing and were bogus for all purposes.
The AV-Comparatives staff said,
Most of the above apps and risky apps, as mentioned, seem to be either developed by amateur programming companies or by software producers that are not concerned with the safety business.
“Most of the above apps, as well as the risky apps already mentioned, appear to have been developed either by amateur programmers or by software manufacturers that are not focused on the security business,” stated AV-Comparatives.
researchers said,
Examples of the latter category are developers who make all kinds of apps, are in the advertisement/monetization business, or just want to have an Android protection app in their portfolio for publicity reasons.
Lukas Stefanko, a mobile malware analyst from ESET, has alerted the public to these threats.
Would you use AntiVirus that detect itself as risky app?
This Fake Antivirus 2019 uses only blacklist & whitelist for package names of apps + permissions check. Still forget to whitelist itself. pic.twitter.com/CdvlPkGPvL
— Lukas Stefanko (@LukasStefanko) November 28, 2018
Fake antivirus – 𝐒𝐝 𝐂𝐚𝐫𝐝 𝐕𝐢𝐫𝐮𝐬 𝐒𝐜𝐚𝐧𝐧𝐞𝐫 – has over 10K installs but isn't scanning any files for malware.
Instead of scanning files, it sets 10 millisecond time delay on each file to impersonate file scan functionality. #DiscloseApp pic.twitter.com/cf7Jj3BVA3
— Lukas Stefanko (@LukasStefanko) September 13, 2018
Over 100,000 people are protected by this fake Antivirus.
It flags @signalapp and @PayPal as apps with high risk.
Use only trustworthy AV, not this garbage that after scan makes you uninstall almost all of your apps because its nonsense detection rules. pic.twitter.com/iy5L8fscOG— Lukas Stefanko (@LukasStefanko) November 28, 2018
Besides, many of these applications were also developed by the same programmer. Tens of applications have the same user interface, and many have shown more interest in ads than in a fully functioning malware scanner.
The AV-Comparatives study results are no surprise to anyone who has been concerned with the Android Antivirus Scene over the past few months in the cyber security world.
Effective Antivirus Apps on Android
List of 23 antivirus apps which passed 100% detection of malware test.
| S. No. | Vendor |
| 1 | AhnLab |
| 2 | Antiy |
| 3 | Avast |
| 4 | AVG |
| 5 | AVIRA |
| 6 | Bitdefender |
| 7 | BullGuard |
| 8 | Chili Security |
| 9 | Emsisoft |
| 10 | ESET |
| 11 | ESTSoft |
| 12 | F-Secure |
| 13 | G Data |
| 14 | Kaspersky Lab |
| 15 | McAfee |
| 16 | PSafe |
| 17 | Sophos |
| 18 | STOPzilla |
| 19 | Symantec |
| 20 | Tencent |
| 21 | Total Defense |
| 22 | Trend Micro |
| 23 | Trustwave |
Conclusion
The study concludes
There are only 23 tested apps that were able to detect 100% of the malware. Out of which 16 apps were not adequately moved to Android 8, reducing their coverage on newer Android versions.
Which antivirus android app do you use? Is it included in the list? Let us know in the comment below.
Taj S
Dr-Hack
Abdul Raziq
Add comment