Out of 250 Android antivirus apps, only under one-third performed satisfactorily in a recent test by AV-Comparatives. Just 80 of them passed the site's basic standard, one of which is being able to detect more than 30 percent of malicious apps from 2018 and incurring zero false positives.
Most apps that fell short of these standards failed spectacularly: they would flag themselves as viruses, according to the researchers.
Android Antivirus Apps Suck
In some cases, the failure is straightforward: the apps aren't scanning app code. Instead, they're simply using app whitelists or blacklists, and sometimes very broad ones. This is critical, because an antivirus app that merely performs in this fashion — in which only specifically named apps are permitted to run on the device — really can't claim protection from malicious agents.
An antivirus app that relies only on whitelisting is susceptible to blocking perfectly legitimate apps. Then there's another concern — in the test, the apps were instructed to trust any package name that starts with, for example, "com.adobe." or "com.facebook." Any hacker could name their malware with either prefix and pass through unscathed.
"In the past we and others found malicious apps, non-working apps, so it is not really a surprise to find some bogus AV apps as well," says Peter Stelzhammer AV-Comparatives COO. "In the times of rogue AV software, you have to be aware of everything."
Why would some developers go through all the trouble of creating bogus antivirus apps? The answer? Data collection. Antivirus apps naturally ask for deep device permissions. Which is one of the easiest ways to siphon private data from users.
"This ranges from basic information like the model of the phones, towards live GPS polling, phone numbers, and any other personally identifiable information up for grabs," says security intelligence firm RiskIQ's Yonathan Klijnsma.
People are more likely to grant such apps broad permissions because they're under the impression that they would use those permissions to protect users. Fortunately, Google has done a lot of sandblasting to swat most of these apps away — most. Some still persist.
Fortunately, good ones are available, too. The apps that performed well in the test come from familiar brands, including AVG, Kaspersky, McAfee, and Symantec. These are the ones to trust for those on the market for a good antivirus app.