- AV-Comparatives has conducted research on Android antivirus apps
- It shows that of 250 antivirus apps, only 80 were able to detect malware
- The team chose 138 vendors that are offering apps on Google Play
While many people believe that an antivirus app is nowadays as essential on mobile devices as on desktops in the past, a new report has claimed that a large number of antivirus and anti-malware apps on Android are just ineffective or unreliable. The report, which has been published by Austrian antivirus testing company AV-Comparatives, highlights that of 250 antivirus apps surveyed, only 80 were found to detect over 30 percent of the 2,000 malicious apps threw at them during individual tests. However, most of them were also had relatively high false alarm rates.
According to the detailed report, the team at AV-Comparatives chose 138 vendors that are offering popular antivirus apps on Google Play. The list of vendors includes most popular names, such as Avast, AVG, BitDefender, Cheetah Mobile, DU Master, ESET, Falcon Security Lab, F-Secure, Google Play Protect, MalwareBytes, McAfee, Symantec, and VSAR among others.
Instead of using an emulator, as pointed out by ZDNet, the researchers manually tested each of the 250 apps they’ve selected for the study. They essentially installed the apps on an Android device and then automated the process to open a browser and download a malicious app to install it on the device. The process was followed 2,000 times, and it helped to highlight the outcome that most of the apps aren’t effective to detect virus or malware.
Having said that, the testing by AV-Comparatives found that some of the available antivirus apps were able to block malicious apps. But there were many apps that were capable of detecting on some old Android malware samples and allowing other apps that contain certain strings — essentially using a “whitelist” for sake of protection.
In some cases, the surveyed antivirus apps even detected themselves as malicious since their vendors didn’t add their own package names to the whitelist. Some of the apps were even noticed with wildcards to allow packages beginning with text such as “com.adobe”. This could turn out to be a dangerous approach as hackers would use similar package names of their malicious apps to bypass the security.
The AV-Comparatives team notes that since they used 2,000 most common Android malware threats of 2018 for their testing, detection rates of between 90 and 100 percent should easily be achieved by effective anti-malware apps.
But the reality is apparently quite far away from the presumption as 170 of the 250 antivirus apps were failed in the basic detection tests. Also, only 23 of the examined apps are claimed to have detected 100 percent of the malware samples, whereas 16 apps in the list aren’t even designed for devices running Android 8.0 Oreo or above.
Notably, Google has its Play Protect to offer malware-protection on Android devices by default. But a large number of smartphone users often install apps from unknown sources, such as in the form of APK files or through third-party app stores, that affect security on smartphones. Instances of malicious apps on Google Play were also reported in the past that are making Android overall a notorious mobile platform.