Security Experts:

Connect with us

Hi, what are you looking for?


Application Security

Many Security Apps on Google Play Inefficient, Fake: Study

Antivirus testing firm AV-Comparatives has analyzed 250 security applications for Android offered on Google Play and found that many of them either fail to detect threats or they are simply fake.

Antivirus testing firm AV-Comparatives has analyzed 250 security applications for Android offered on Google Play and found that many of them either fail to detect threats or they are simply fake.

The applications reviewed by AV-Comparatives were tested against 2,000 malicious and 100 clean APKs, totaling over 500,000 test runs. Unsurprisingly, the tests showed that the products of reputable security firms such as Avast, Bitdefender, ESET, F-Secure, G-Data, Kaspersky, McAfee, Sophos, Symantec, Tencent, Trend Micro and Trustwave can detect all malware.

Overall, 70 products blocked over 80% of the malware samples and 80 products blocked over 30% with no false positives — AV-Comparatives considers antiviruses that block less than 30% as being ineffective or unsafe.

Android apps from 138 vendors were classified as inefficient due to detection rates of under 30% or due to many false positive detections. Some of the apps have been found to incorrectly implement third-party antimalware engines. Others have been removed or will likely be removed from Google Play in the upcoming period as reputable mobile security apps have detected them as trojans, fake AVs or potentially unwanted applications (PUAs).

Many of the applications that AV-Comparatives has classified as “risky” are designed to block almost all applications installed on an Android device, except for apps found on a whitelist, which they consider to be trusted.

“Apart from the apps on their respective whitelists, the risky ‘AV apps’ block almost all other apps, regardless of whether they were installed from the official Google Play Store or not. Some of them do not even bother to add their own packages to their whitelists, causing them to report their own app. If using such an AV app, users can never be sure if any of the other apps on their device are actually malicious, because of the AV app’s ‘block unless whitelisted’ policy. Therefore, we do not consider the protection capabilities of these apps to be appropriate,” AV-Comparatives said.

So-called security apps that rely on blacklists or whitelists to detect threats have been around for some time, but AV-Comparatives says its latest tests have identified a higher number of such applications compared to the previous year. The company believes that the main goal of these apps is to generate easy revenue for their developers and not to actually protect users.

AV-Comparatives says users should only install apps from reputable vendors, rather than rely on data from Google Play, such as user reviews, number of downloads, and the frequency of updates.

Related: Android AV App Collected Data on Tens of Millions Users

Related: Hundreds of Fake Android Antivirus Apps Deliver Malware

Related: Google Removes Vulnerable Library from Android

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Application Security

While there are many routes to application security, bundles that allow security teams to quickly and easily secure applications and affect security posture in...

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...