Two-Thirds of Android Antivirus Apps Are Total BS

An anonymous reader quotes a report from Tom's Guide: Austrian antivirus-testing lab AV-Comparatives tested 250 antivirus apps in Google Play against 2,000 malware samples. They found that only 80 of the apps could stop even a minimal amount of malware. "Less than one in 10 of the apps tested defended against all 2,000 malicious apps, while over two-thirds failed to reach a block rate of even 30 percent," the lab said in a press release. To make sure you're protecting your Android device properly, stick to apps from well-known antivirus companies. Basically, AV-Comparatives said, most Android antivirus apps are phony, and many of them seemed to have been created only to display ads or promote a developer's career. "The main purpose of these apps seems to be generating easy revenue for their developers, rather than actually protecting their users," the AV-Comparatives report said.

Less than 1 in 10?

So does that mean of the 2000, that 200 were OK? Care to give us a list?

Re:Less than 1 in 10?

[The+New+Guy+2.0]

We really need to get antivirus down to a charity level of business... too many illegitimate stabs at profit going on here.

Re:Less than 1 in 10?

Android is the "total BS" - 2/3 of the antivirus apps on the platform being BULLSHIT = the platform is ~2/3 BULLSHIT. Whatever you feel about AV software, fine, but this isn't even an attempt at the problem. It's a complete charade.

And with the loose permissions on that platform, no doubt some of these anti-malware apps are closer to malware than they are AV.

Re:Less than 1 in 10?

So does that mean of the 2000, that 200 were OK? Care to give us a list?

The answer to your questions, including the full list, are in the first link from the summary. Please, learn to use your left mousse button before posting on slashdot.

The good ones, according to the article from the second link, are:

Twenty-three apps did detect all malware samples AV-Comparatives threw at them, including Tom's Guide's top three picks: Bitdefender Mobile Security, Norton Mobile Security and Avast Mobile Security.

Our sixth-place pick, Psafe DFNDR, was also in the 100-percent category, although AV-Comparatives noted that DFNDR used Avast's antivirus engine and had not updated itself to run properly on Android 8 Oreo and later. Lookout Mobile Security, our No. 5 pick, was a little behind the others with 99.6 percent. (Google's own Play Protect antivirus software did poorly, with a detection rate of only 69 percent.

Re:Less than 1 in 10?

We really need to get antivirus down to a charity level of business... too many illegitimate stabs at profit going on here.

Guess I have little sympathy when P. T. Barnum established this business practice well over a century ago. Ignorance, is timeless, as demonstrated by those who fail to understand antivirus is already a charity. If you're paying for it, you are a sucker.

Re: Less than 1 in 10?

most Android antivirus apps are phony, and many of them seemed to have been created only to display ads

And this is surprising . . . . . why?

This is what happens when you create an environment based on "give everything away for free and make money from advertising".

Re: Less than 1 in 10?

No dude, did you actually go to the link? The list at that link are the ones that don't work plus one that have been banned. Do you work for slashdolt?

Re:Less than 1 in 10?

[drinkypoo]

We really need to get antivirus down to a charity level of business...

It's possible to scan files on an Android device with ClamAV, a couple of different ways. As long as you get a rootable device, you can access enough files to make it worth scanning.

Re: Less than 1 in 10?

That's the open markets way and if is good for macroeconomics and society then is fine for everything... :P

Re:Less than 1 in 10?

[rickb928]

OTOH, you apparently didn't read even the summary. And are too lazy to read the article.

OTOH, you are an AC.

Re: Less than 1 in 10?

[rickb928]

The open market for what?

For advertising, well, yeah, it's a wild market.

For information? Well, this article is proof that an open market works. Else, you would never have known that these apps do nothing but display ads.

And of course we all know advertising is purely for our benefit and edification, right?

Just don't try to play dumb with us. You're actually dumber than you know in that.

Re: Less than 1 in 10?

The ads are nor surprising. The fact that most of the antivirus apps doesn't discover any kind of virus/malware AT ALL is the surprise.

No surprise if an antivirus app full of ads only discovers a small set of old well-known exploit. That is your basic bad product, written once and never updated because no development means more profit.

But these guys weren't even trying! Selling antivirus apps that doesn't discover anything is fraud - it is not an antivirus app. (And yes, they are SELLING when the app is ad-financed. It is not a giveaway when it comes with ads. The ad 'price' may be the 'right price', but it is a price. The price for fraud would be to pay back the ad money gathered - they can't make me unsee the ads.)

Re: Less than 1 in 10?

Read the article until you find it; it's there.

Re:Less than 1 in 10?

Also antivirus software is fertile ground for trojan delivery.

What's better: a trojan that infects your victim's system, or one that infects your victim's system while giving them a false sense of safety becayse they have AV installed and optionally cleaning out any competitor's malware?

App Store is enough

[The+New+Guy+2.0]

As long as you're using your smartphone's official App Store, there's nothing that an antivirus has to do... bad code is recalled by the store, and there's little way to get around the rules of the store.

Re:App Store is enough

You enjoying the feeling of that big corporate dick in your milquetoast ass?

Keep sucking on that big money dick.

Re:App Store is enough

As long as you're using your smartphone's official App Store, there's nothing that an antivirus has to do... bad code is recalled by the store, and there's little way to get around the rules of the store.

Right. That's why every AppStore that has ever existed has been filled with malware.

Bad code gets removed . . . eventually. After it has been downloaded a few million times.

Re: App Store is enough

[astrofurter]

The overwhelming majority of apps in the Google Play Store are straight up malware.

Re: App Store is enough

[kurkosdr]

Source?

Re: App Store is enough

Have you ever looked at the permissions they ask for? And I don't know about newer Android versions, but on 5 and prior you can't turn them off. Most of the store IS malware if you install it.

Re:App Store is enough

Apple does that Google doesn't.

Also even with Apple's comparatively high level of diligence, they still fuck up and let stuff through sometimes.

Re: App Store is enough

[astrofurter]

Source: my own two eyes

Re:App Store is enough

[The+New+Guy+2.0]

Antivirus can only recall bad code when a signature is distributed.

Fair Value of Antivirus for Andriod

[The+New+Guy+2.0]

(Cost of incident) times (frequency the incident has happened)... equates to unknown times zero... antivirus is currently worthless.

Re:Fair Value of Antivirus for Andriod

[Krishnoid]

In all fairness, the other third of the antivirus apps also keep dangerous animals at bay.

Breaking News!

Android app store sucks. Free apps full of ads. Read all about it every single day because people never learn.

the Google Play app store

[FudRucker]

is a shithole of junkware, anything good is buried under a thousands of shitware that is not worth bothering to download, Google should be ashamed of Google Play for allowing it to become just a HUGE pile of shitware

Re:the Google Play app store

And sperglords think Google is somehow auditing, line by line, every shitty app in their store.

Y'all niggas out here freaking out about giving your Vizio internet access for a firmware update, yet bending over and dropping the soap like Google's prison bitch on yo phones.

Re:the Google Play app store

[rudy_wayne]

is a shithole of junkware, anything good is buried under a thousands of shitware that is not worth bothering to download, Google should be ashamed of Google Play for allowing it to become just a HUGE pile of shitware

Proper vetting of apps would cost them too many Shekels.

We can't have that now, can we?

Re:the Google Play app store

[aybiss]

Strangely though, I never feel the need to install thousands of apps to find that out, and love the apps that I know are good and have had installed on every phone for like 10 years now.

Re:the Google Play app store

[brunes69]

Yeah, because the iTunes store is not also full of shitware...

Have you ever tried searching for "Flashlight" on iTunes? How many apps are there? Tons of them are loaded with ads.

Its the same Junkware on Apple store as Google store.

Re:the Google Play app store

[dcw3]

Have you ever tried searching for "Flashlight" on iTunes?

Um, no because my fucking iPhone comes with a built in flashlight and I normally search for apps in the App Store, not iTunes. But to the overall point of the article, how many iPhones, iPads, iEtc., have ever had a problem with malware compared to Android?

Re: App Store is enough... GAYpk

Yes, I love HOSTing dick in my ass, and my mouth, and my hands.

GAYpk

In what way were any good?

[SuperKendall]

I am highly suspicious there is even a single AV app that is of any use, even if not actively harmful.

Re: In what way were any good?

[Lije+Baley]

The remaining third of them were "complete B.S."

Re: In what way were any good?

Frontline (that thing you put on your cat) stopped just as many viruses as most antivirus software. A&T basic OS updates do better than google itself

Re:In what way were any good?

[ctilsie242]

I don't understand how AV can be of use on a phone, unless it was running as root. If it is running as just another unprivileged UID, it isn't going to do much.

AV on computers may be justified to tick off checkboxes. On phones with mobile operating systems, the real security needs to be at the app stores.

I wish Google could do a two tier security model:

Tier 1 -- default tier, all apps are curated, scanned by Google's AI for potential mischief, and for an app developer to have an app in Tier 1, they must agree to more stringent requirements, and are put on notice that it doesn't take much for them to have their app chucked from the tier. This is what Amazon does with their Android app store.

Tier 2 -- This is what would be the present state of the Google Play Store.

From here, phones should default to only allow Tier 1, and just like sideloading, tell the user that they don't just walk into Mordor if they want to use Tier 2.

This way, there can be a wide variety of apps, but users have a trustworthy source that is actively curated, and where there is zero mercy shown for developer shenanigans.

Re: In what way were any good?

Android has an API that allows you to scan apks that are being installed. As the article shows some AVs did well detecting malicious apps. Still I think the risk is low unless you sideload. Serious malware is removed from the store quite fast.

Re:In what way were any good?

[brunes69]

- Google already does "Tier 1" as you have it above.

- The purpose of AV apps on Android is to protect you when you allow sideloading. If you use the Amazon app store, or the Aptoide app store, or want Fortnite, then you have to allow sideloading. Enabling sideloading opens up more possibility for attack vectors, especially if it is chained with another bug in Chrome or Firefox to let a web page silently install an app somehow. The way they work is they insert themselves as a new app install handler (Android allows this). Before the sideloaded APK is opened, it is scanned by the AV app.

Re:In what way were any good?

Of course AV isn't much use on an android phone. Just as AV isn't much use on a PC either.

On the phone, you install apps from a reputable source - i.e. Google. Scanning these for viruses should really be done by Google - and then local AV is redundant. The same with a PC - install sw from a reputable source. (A shop or a linux distro.) No viruses installed then.

Some would say a PC can get a virus through the network, through 'vulnerabilities'. Well, this approach apply to phones as well. So either AV is needed for phones too, or not needed for PCs. No middle ground where AV is needed on PCs but not on phones.

Re:In what way were any good?

[kurkosdr]

This. Thank you The Android sandboxing that prevents a random application from making deep modifications to the OS or from accessing privileged information is the exact same sandboxing that prevents antivirus software from being able to scan the deeper operating system. Think of Android as a non-admin Windows session where UAC prompts fail by default or a sudo-less Desktop Linux session. There is no way you can install a antivirus from that session. Most of these Android "AVs" just fetch a list of installed software (using the appropriate OS APIs) and compare against a blacklist, charging an obscene mark up for the "service". Which BTW the Play Store also does for free on GMS-enabled phones. Android AVs are a scam

Re:In what way were any good?

[drinkypoo]

Tier 1 -- default tier, all apps are curated, scanned by Google's AI for potential mischief, and for an app developer to have an app in Tier 1, they must agree to more stringent requirements, and are put on notice that it doesn't take much for them to have their app chucked from the tier. This is what Amazon does with their Android app store.

Isn't ES File Explorer still on the Amazon App Store? That's shady AF

Two-Thirds of ALL Android Apps are total BS

and that's being extremely generous

Lets go make some $$$$

[wolfheart111]

Money Honey :)

that they found 250 to test in the first place..

..ought to clue anyone in that the vast majority of them are absolutely bogus. there's probably less than a couple dozen legitimate developers of consumer 'antivirus' products, total, globally, with the resources to even have half a chance at developing and maintaining an 'anti malware' app for android that actually works.

Thanks for not telling us which ones actually work

...you slashhole

Re: App Store is enough... GAYpk

Look at the niggr monkey trying to goad apk. I would like you to ask you live with yourself leeching off the welfare you disgusting leech?

Oh mercy

AV on a phone? Now Iâ(TM)ve heard everything. Thanks Apple!

Viruses not the problem

[The+Evil+Atheist]

Viruses haven't been a problem for a long time. Not when apps keep asking for permissions for things they shouldn't need, and trick/confuse the user into volunteering their personal data.

Re: Viruses not the problem

[astrofurter]

Most apps - including the useful ones - are malware. Android appears to have been designed with the goal of making it easy to data rape users.

What is an Android virus?

[reanjr]

All the apps have very explicit permissions. Google blocks malware at the source at the Play Store when it is identified. I've never felt at all compelled to run antivirus on Android. What is the value?

A bit harsh

[godel_56]

The top 25 programs tested scored a hundred per cent detection rate and there were more below that in the high nineties, so the negative judgement is bit harsh. Moreover the ones that passed are all the usual suspects like Kaspersky, Avira, Avast etc which anyone with any knowledge would be more likely to buy, rather than some weird unknown brand.

The moral is to stick with the established brands that you know.

Thanks Google

Ad malware brought to you by Alphabet Google. Say "Thanks" kids

Google = Microsoft

Google is the new Microsoft.

Itâ(TM)s all bs

[highinthemountains]

Considering that I have seen machines in my shop with every brand of antivirus on them, I tell my customers that if antivirus really worked, I wouldnâ(TM)t be in business. If itâ(TM)s a reputable antivirus and available for free, why pay for it? Whatâ(TM)s the real value of pay for antivirus? One day itâ(TM)s $9.95, the next itâ(TM)s $39.99 and the day after itâ(TM)s $79.99. Which tells me that itâ(TM)s value is whatever the market will bear.

Fraud

[found404]

When will Google rain down hell and fury at this nonsense? When will our own government take action against this reckless and fraudulent activity? In the age where there is no accountability in tech or simply no accountability anywhere... this is just another example of the shitshow we're all living through.

Re:Fraud

[Anne+Thwacks]

When will Google rain down hell and fury at this nonsense?

After they have sold all the ice from a frozen hell.

Re:Fraud

[dcw3]

Do we really want the government dictating more online shit? How'd that work out for Net neutrality? How'd that work out for healthcare? How'd it work out for the partisan shit show that we've had for the last couple decades?

Miserable state of AV engines

A colleague of mine has a "hobby" of fuzzing various antivirus engines with his custom tools designed mostly to test our own products. The amount of crashes, busyloops and other nasty failures he's able to trigger simply by almost blind fuzzing is amazing. He does tell of his findings to the AV engine vendors, but they tend to become mysteriously unresponsive after couple dozen crash reports in a week, or still finding crashes after several iterations of fixes...

On this basis it's not hard to think that a highly resourceful attacker might actually consider AV engine an attack surface instead of an effective defence...

Fuck Off APK

Fuck Off APK

This is all apps ...

"The main purpose of these apps seems to be generating easy revenue for their developers, rather than actually protecting their users"

Yes, well, in my opinion that seems to be what the overwhelming majority of apps are.

I've given up on apps on my tablet, and don't use a smartphone except for my work phone ... and that is used to check email and for very few other things.

Most apps are written by greedy assholes, and either are complete shit, or are full of ads and analytics ... making them complete shit.

The App economy has ruined software and generally offers a crappy user experience.

My default assumption is if there is a web page, use it. If there isn't, don't bother. Apps these days are either just shit wrappers around web pages, or otherwise add little value.

How to avoid neednig AV products on Android

[DrXym]

Don't download warez or other questionable software onto your phone, you idiots.

grokparsefailure

APK prease2lrn2engrish k.

Actually 90% are garbage

[neo-mkrey]

It's right there in TFS -- only 1 in 10 sussed out all the malware.