Tuesday, July 23, 2024

138 Android Anti Virus Apps are Frauds in Play Store – Only 23 Apps Performed 100% Malware Detection

A recent in-depth analysis of Android antivirus apps in the Google Play Store reveals that 138 Android antivirus products are completely fake and potentially harmful to Android users.

The AV-Comparatives research team tested the effectiveness of antimalware programs for Android to assess the quality of their malware detection against various sophisticated malware.

For the analysis, they took 250 Android antivirus apps published by different developers from the Google Play Store.

The test results reveal that only 80 Android antivirus apps detected at least 30% of malicious files and apps without any false alarms.

138 apps detected less than 30% of the malware samples used in the test, with a high rate of false positives on legitimate and well-known apps.

The remaining 32 antimalware apps have already been removed from the Google Play Store by their respective developers, but all the tested samples in this list are highly risky and potentially harmful.


user interfaces of malicious apps

100% Malware Detection

The AV test is based on a detection score: the scoring range starts from 100%, and the lower limit is 30%. An Android app should detect at least 30% of the malware samples.

In this case, only 23 of the 80 Android antivirus apps had a 100% detection rate; the rest of the apps achieved the following detection rates:

| Vendor | % |
|---|---|
| AhnLab, Antiy, Avast, AVG, AVIRA, Bitdefender, BullGuard, Chili Security, Emsisoft, ESET, ESTSoft, F-Secure, G Data, Kaspersky Lab, McAfee, PSafe, Sophos, STOPzilla, Symantec, Tencent, Total Defense, Trend Micro, Trustwave | 100% |
| eScan, Ikarus, Quick Heal, REVE, Securion, VIPRE | 99.8% |
| Lookout, Supermobilesafe | 99.6% |
| BSafe, MyMobile | 99.5% |
| Malwarebytes | 99.4% |
| CheckPoint, K7 | 99.1% |
| Qihoo | 99.0% |
| Hi Security | 98.6% |
| NSHC | 98.4% |
| AegisLab | 98.3% |
| Samsung | 97.7% |
| Webroot | 97.4% |
| Zemana | 97.3% |
| Hawk App | 97.1% |
| TrustGo | 96.0% |
| DU Apps | 94.7% |
| Alibaba | 92.9% |
| Tapi | 92.4% |
| IntelliAV | 91.8% |
| Panda | 91.6% |
| Dr. Web | 90.8% |
| Privacy Lab | 89.9% |
| Zoner | 88.9% |
| APUS, CAP Lab, Clean Boost+, Fotoable, Hyper Speed, IOBit, ONE App, Phone Clean, Power Tools, Smooth Apps, Super Cleaner, Super Security, We Make It Appen | 87.8% |
| Max Dev | 82.2% |
| Comodo | 77.6% |
| TG Soft | 76.7% |
| Antivirus Apps, Apex | 74.8% |
| Trustlook | 73.8% |
| Media Master | 73.1% |
| Brainiacs | 72.5% |
| Google | 68.8% |
| Malwarefox, MyData, Watchdog | 63.8% |
| GizmoSmart | 54.1% |
| NQ | 45.0% |

According to AV-Comparatives, “The table above shows the protection rates reached by the 80 products that blocked over 30% of samples. We consider AV apps that block less than 30% of common Android threats to be ineffective/unsafe.”

Rest of the Apps are Fake

Apart from these 80 Android antivirus apps, the remaining 138 vendors detected less than 30% of samples, and all of them are considered very risky apps for Android users.

Many of the apps in this fake app list are already detected by reputable mobile antimalware apps as Trojans, dubious/fake AVs, or potentially unwanted apps (PUA).

List of fake antimalware apps listed in the Google Play Store:

1Machine System Sdn Bhd, actionappsgamesstudio, Amantechnoapps, AMIGOS KEY, Amnpardaz Soft, AndroHelm Security, ANTI VIRUS Security, Antivirus Mobile Lab, antivirus security, appflozen, appsshow, Appzila, Arcane Security Solutions, AS team security phone Lab, asuizksidev, Ayogames, AZ Super Tools, azemoji studio, Baboon Antivirus, bESapp, Best Battery Apps, Best HD Wallpapers APPS, Best Tools Pro, BestOne, Bit Inception, BKAV, Bom Bom, Booster studio Laboratory Inc., brouno, Bulletproof AV, Caltonfuny Antivirus Phone, Cheetah Mobile, CHOMAR, Chromia, Cloud 7 Services, Core Antivirus Lab, CPCORP TEAM: Photo blur & photo blender, CreativeStudioApps, CY Security, Defenx, DefineSoft, DreamBig Studios, DU Master, electro dev, Erus IT Private Limited, Falcon Security Lab, Fast n Clean, fluer-apps.com, Formation App, Free Apps Drive, FrouZa, Galaxy TEAM, GameXpZeroo, GlobalsApps, gndnSoftware, GOMO Apps, GoNext App Developers, Gridinsoft, LLC, handy tools apps, Hello Security, Immune Smart, INCA Internet, infiniteWays007, Islamic Basic Education, Itus Mobile Security, JESKO, jixic, Kolony Cleaner, Koodous Mobile, lempea, LINE, LIONMOBI, Live multi Player Game, Main Source 365 Tech, Mama Studio, MAN Studio, Marsolis Tech, Max Antivirus Lab, Max Mobi Secure, MaxVV, Mob Utilities, Mobile Tools Plus, Mobtari, Mond Corey, M-Secure, MSolutions, MSYSOFT APPS, My Android Antivirus, NCN-NetConsulting, Nepelion Camp, Nisi Jsc, Niulaty, NP Mobile Security, NPC Studios, Omha, Oxic Studio, Pix2Pic Studio, playyourapp, Pro Tool Apps, prote apps, Protector & Security for Mobile, Puce, Radial Apps 2018, RedBeard, Secure Cloud, SecureBrain2, Security and Antivirus for Android solutions, Security Apps Team, Security Defend, SECURITY LAB, Security Systems Lab, SecurityApplock, Sept Max, ShieldApps, SjaellSoft, SkyMobileTeam, Smart Battery Solution & Creative Screen Lock, smarteazyapps, Software Center, Soft War, stmdefender, Systweak Software, TAIGA SYSTEM, Tokyo Tokyo, Tools dev, tools for android, Utilitarian Tools, Vainfotech, VHSTUDIO, Vikrant Waghmode, Virinchi Software, Virtues Media & Application, VSAR, Wingle Apps, Xtechnoz Apps, XZ Game, Z Team Pro.

“Most of the Malicious apps, as well as the risky apps already mentioned, appear to have been developed either by amateur programmers or by software manufacturers that are not focused on the security business.”

How These Apps were Tested

Researchers from AV-Comparatives used almost 2000 of the most common Android malware threats discovered in 2018, and the test was performed using an automated Android testing framework.

“The test was performed in January 2019, mostly on Samsung Galaxy S9 devices running Android 8.0 (“Oreo”). As some security apps did not work properly on Android 8.0, those apps were tested on Nexus 5 devices running Android 6.01 instead (see page 17 for details). Each security app was installed on a separate physical test device.”

Researchers used the same process to test all the apps.

  1. Open the Chrome browser and download the malicious sample
  2. Open the downloaded .apk file using a file explorer app
  3. Install the malicious app
  4. Execute the installed app

| Test parameter | Count |
|---|---|
| Number of tested apps | 250 |
| Number of tested malicious APKs | 2000 |
| Number of tested clean APKs | 100 |

All the malicious apps have been reported to Google and are expected to be removed from Google soon, AV-Comparatives said.

Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.
