Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

Many Security Apps on Google Play Inefficient, Fake: Study

Antivirus testing firm AV-Comparatives has analyzed 250 security applications for Android offered on Google Play and found that many of them either fail to detect threats or they are simply fake.

Antivirus testing firm AV-Comparatives has analyzed 250 security applications for Android offered on Google Play and found that many of them either fail to detect threats or they are simply fake.

The applications reviewed by AV-Comparatives were tested against 2,000 malicious and 100 clean APKs, totaling over 500,000 test runs. Unsurprisingly, the tests showed that the products of reputable security firms such as Avast, Bitdefender, ESET, F-Secure, G-Data, Kaspersky, McAfee, Sophos, Symantec, Tencent, Trend Micro and Trustwave can detect all malware.

Overall, 70 products blocked over 80% of the malware samples and 80 products blocked over 30% with no false positives — AV-Comparatives considers antiviruses that block less than 30% as being ineffective or unsafe.

Android apps from 138 vendors were classified as inefficient due to detection rates of under 30% or due to many false positive detections. Some of the apps have been found to incorrectly implement third-party antimalware engines. Others have been removed or will likely be removed from Google Play in the upcoming period as reputable mobile security apps have detected them as trojans, fake AVs or potentially unwanted applications (PUAs).

Many of the applications that AV-Comparatives has classified as “risky” are designed to block almost all applications installed on an Android device, except for apps found on a whitelist, which they consider to be trusted.

“Apart from the apps on their respective whitelists, the risky ‘AV apps’ block almost all other apps, regardless of whether they were installed from the official Google Play Store or not. Some of them do not even bother to add their own packages to their whitelists, causing them to report their own app. If using such an AV app, users can never be sure if any of the other apps on their device are actually malicious, because of the AV app’s ‘block unless whitelisted’ policy. Therefore, we do not consider the protection capabilities of these apps to be appropriate,” AV-Comparatives said.

So-called security apps that rely on blacklists or whitelists to detect threats have been around for some time, but AV-Comparatives says its latest tests have identified a higher number of such applications compared to the previous year. The company believes that the main goal of these apps is to generate easy revenue for their developers and not to actually protect users.

AV-Comparatives says users should only install apps from reputable vendors, rather than rely on data from Google Play, such as user reviews, number of downloads, and the frequency of updates.

Advertisement. Scroll to continue reading.

Related: Android AV App Collected Data on Tens of Millions Users

Related: Hundreds of Fake Android Antivirus Apps Deliver Malware

Related: Google Removes Vulnerable Library from Android

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor.

Malware & Threats

Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.