Android antivirus  - r4Vjv1552717204 - 138 Android Anti Virus Apps are Frauds in Google Play Store

Recent In-depth analysis against Antivirus in Google play reveals that, 138 Android antivirus products are completely and
potentially harmful to Android users.

AV-Comparatives research team performed the effectiveness of antimalware programs for Android to ensure the quality of malware detection against various sophisticated malware.

For the analysis, they took 20 Android antivirus apps published by different developers from the Google Play Store.

Test result reveals that only 80 Android Antivirus apps are detecting atleast 30% of malicious files and apps without any false alarm.

138 apps were detected less than 30% malware samples that is used for this test process with high rate of false positive on the legitimate and well known apps.

Remaining 32 antimalware apps are already removed form the google playstore by the respective developers, but all the tested samples in this list are highly risky and potentially harmful.

- antivirus apps collage - 138 Android Anti Virus Apps are Frauds in Google Play Store
user interfaces of malicious apps

0% Malware Detection

The AV-test is based on the detection score, the scoring range starts from 100% and the least limit is 30%. An android app should detect atleast 30% of the malware samples.

In this case, Only 23 among 80 Android antivirus had 100% detection rate and rest of the apps are detecting the following percentage of detection,

Vendor %
AhnLab 100%
Chili Security
Kaspersky Lab
Total Defense
Trend Micro
eScan 99.8%
Quick Heal
Lookout 99.6%
BSafe 99.5%
Malwarebytes 99.4%
CheckPoint 99.1%
Qihoo 99.0%
Hi Security 98.6%
NSHC 98.4%
AegisLab 98.3%
Samsung 97.7%
Webroot 97.4%
Zemana 97.3%
Hawk App 97.1%
TrustGo 96.0%
DU Apps 94.7%
Alibaba 92.9%
Tapi 92.4%
IntelliAV 91.8%
Panda 91.6%
Dr. Web 90.8%
Privacy Lab 89.9%
Zoner 88.9%
APUS 87.8%
Clean Boost+
Hyper Speed
Phone Clean
Power Tools
Smooth Apps
Super Security
We Make It Appen
Max Dev 82.2%
Comodo 77.6%
TG Soft 76,7%
Antivirus Apps 74.8%
Trustlook 73,8%
Media Master 73.1%
Brainiacs 72.5%
Google 68.8%
Malwarefox 63.8%
GizmoSmart 54.1%
NQ 45.0%

According to AV comparatives, “The table above shows the protection rates reached by the 80 products that blocked over 30% of samples. We consider AV apps that block less than 30% of common Android threats to be ineffective/unsafe.”

Rest of the Apps are Fake

Apart from these 80 Android antivirus apps, remaining 138 vendors  detected less than 30% of samples and those all are considered as a very risky apps for Android users.

Many of the apps in this fake app list are already detected by reputed mobile antimalware apps as Trojans, dubious/fake AVs, potentially unwanted apps (PUA).

List of fake malware apps listed in the Google Play Store.

1Machine System Sdn Bhd, actionappsgamesstudio, Amantechnoapps, AMIGOS KEY, Amnpardaz Soft, AndroHelm Security, ANTI VIRUS Security, Antivirus Mobile Lab, antivirus security, appflozen, appsshow, Appzila, Arcane Security Solutions, AS team security phone Lab, asuizksidev, Ayogames, AZ Super Tools, azemoji studio, Baboon Antivirus, bESapp, Best Battery Apps, Best HD Wallpapers APPS, Best Tools Pro, BestOne, Bit Inception, BKAV, Bom Bom, Booster studio Laboratory Inc., brouno, Bulletproof AV, Caltonfuny Antivirus Phone, Cheetah Mobile, CHOMAR, Chromia, Cloud 7 Services, Core Antivirus Lab, CPCORP TEAM: Photo blur & photo blender, CreativeStudioApps, CY Security, Defenx, DefineSoft, DreamBig Studios, DU Master, electro dev, Erus IT Private Limited, Falcon Security Lab, Fast n Clean,, Formation App, Apps Drive, FrouZa, Galaxy TEAM, GameXpZeroo, GlobalsApps, gndnSoftware, GOMO Apps, GoNext App Developers, Gridinsoft, LLC, handy tools apps, Hello Security, Immune Smart, INCA Internet, infiniteWays007, Islamic Basic Education, Itus Mobile Security, JESKO, jixic, Kolony Cleaner, Koodous Mobile, lempea, LINE, LIONMOBI, Live multi Player Game, Main Source 365 Tech, Mama Studio, MAN Studio, Marsolis Tech, Max Antivirus Lab, Max Mobi Secure, MaxVV, Mob Utilities, Mobile Tools Plus, Mobtari, Mond Corey, M-Secure, MSolutions, MSYSOFT APPS, My Android Antivirus, NCN-NetConsulting, Nepelion Camp, Nisi Jsc, Niulaty, NP Mobile Security, NPC Studios, Omha, Oxic Studio, Pix2Pic Studio, playyourapp, Pro Tool Apps, prote apps, Protector & Security for Mobile, Puce, Radial Apps 2018, RedBeard, Secure Cloud, SecureBrain2, Security and Antivirus for Android solutions, Security Apps Team, Security Defend, SECURITY LAB, Security Systems Lab, SecurityApplock, Sept Max, ShieldApps, SjaellSoft, SkyMobileTeam, Smart Battery Solution & Creative Screen Lock, smarteazyapps, Software Center, Soft War, stmdefender, Systweak Software, TAIGA SYSTEM, Tokyo Tokyo, Tools dev, tools for android, Utilitarian Tools, Vainfotech, VHSTUDIO, Vikrant Waghmode, Virinchi Software, Virtues Media & Application, VSAR, Wingle Apps, Xtechnoz Apps, XZ Game, Z Team Pro.

“Most of the Malicious apps, as well as the risky apps already mentioned, appear to have been developed either by amateur programmers or by software manufacturers that are not focused on the security business.”

How These Apps were Tested

Researchers from AV comparatives used almost 2000 most common Android malware threats that discovered in 2018 and the test was performed by automated Android testing framework.

” The test was performed in January 2019, mostly on Samsung Galaxy S9 devices running Android 8.0 (“Oreo”). As some security apps did not work properly on Android 8.0, those apps were tested on Nexus 5 devices running Android 6.01 instead (see page 17 for details). Each security app was installed on a separate physical test device.”

Researchers used the same process to test all the apps.

  1. Open the Chrome browser and download the malicious sample
  2. Open the downloaded .apk file using a file explorer app
  3. Install the malicious app
  4. Execute the installed app
Number of tested apps 250
Number of tested malicious APKs 2000
Number of tested clean APKs 100

All the malicious apps has been reported to Google and expected to be removed from Google soon. AV comparatives said.

Training Course: Certified Cyber Threat Intelligence Analysts course that will introduce you to the 8 phases of advanced malware analysis.

Also Read:

VENOM – An Exploitation Tool to Bypass Anti Virus Detection with Encrypted Payloads

Source link


Please enter your comment!
Please enter your name here