More than two thirds of all Android antivirus apps are ineffective and many don't even...

William Gayde

Posts: 376   +5
Staff member

AV-Comparatives is an industry research group that rates antivirus programs on their effectiveness. They recently conducted a study of Android antivirus products from the Google Play Store and the results were rather surprising. They tested each app with 2,000 of the most common Android malware threats and recorded which were caught and which were let through. The tests were automated, but were done on real phones rather than emulators.

The test was designed to be easy and as a result, most of the real antivirus apps detected 100% of the samples. Overall, there were about 50 apps that scored above 90%.

As a control, they also tested clean apps to see if the antivirus apps actually scanned the phone. What they found is that many of the supposed antivirus apps simply marked every other app on the user's phone as suspicious unless it was on a hard-coded list of allowed apps.

Some apps displayed a progress bar during a "scan," but that was just based on a predefined delay for however many files were on the phone. A few of the apps even detected themselves as risky since the developers forgot to add their own name to the app's list of allowed apps.

There was also rampant plagiarism among the less-legitimate apps. Many just used the antivirus engine from other reputable application, despite still charging for their own app. Some of the apps went as far as copying the interface of the legitimate app as shown below.

It can sometimes be difficult to determine which apps are real since shady developers can purchase comments and ratings.

Update frequency or number of downloads isn't the best indicator either. AV-Comparatives recommends sticking with well-known brands since the watered-down free version of a real app is better than any scam app.

Among the recognizable names that did well were Avast, AVG, Avira, Bitdefender, BullGuard, Emsisoft, ESET, F-Secure, Kaspersky Lab, McAfee, Sophos, STOPzilla, Symantec, Tencent, Trend Micro, VIPRE, Lookout, Malwarebytes, CheckPoint, Webroot and Zemana. Check out the report for the full list.

We are also surprised about the amount of bogus "security" software that is being distributed on Google Play with no intervention whatsoever from the platform. We also have to assume the owners of the AV apps that are legitimate, whose work is scrapped by others, have tried at some point to correct this wrong but app stores in general are really hard to deal with, hence the large number of crappy apps waiting to be discovered. Google eventually removes most of them, but not before thousands of users download them.

Permalink to story.

Last edited by a moderator:


Posts: 682   +434
SlOperating System. Android is the grittiest platform I've ever seen. It's amazing they can get it to do anything at all, really.


Posts: 3,715   +3,609
Anytime you try to stretch a single OS over multiple platforms with multiple specs you get exactly this.

Didn't we learn from Windows?


Posts: 5,461   +6,132
The walled garden approach sure seems to let a lot of bad apps in that it's supposed to prevent...

They take 30% of every developers profits to ensure the marketplace is only filled with legitimate apps. Apparently the only thing they do is bank the money and forget about their promise to provide a quality experience.

If only companies like Google weren't above the law...


Posts: 246   +144
The top 25 or so AV programs scored a 100% detection rate and there were a good number in the high nineties after that. The successful programs were all the well known brands such as Avast, Avira, Kaspersky, Bit Defender etc.

So as long as you don't buy junk from brands you've never heard of you should be OK.
  • Like
Reactions: Heenan73


Posts: 1,403   +312
Google can't even detect/filter unruly apps in time. how much more for the functionality of the so-called antiviruses?


Posts: 292   +125
Well Norton said years ago that they were milking the cash cow fleecing people with an antivirus that no longer worked, it was all malware and 0 day exploits that they had no idea how to deal with.

This is no surprise, and anyone charging is just taking money for nothing as they always have.
  • Like
Reactions: Apogee777


Posts: 33   +6
When did anyone actually ever get an ->actual virus<- on there OS in the last 5+ years?
I personally haven't since win8 was released.
yes miners, spyware, phishing, but no viruses on any platform.
There's a simple solution: Android should charge $100 admission fee to Playstore, and use that money to check all new apps. If the app is sound (ie safe, and does what it claims to), $90 gets refunded.
Heck, they'd even make a profit.
It makes perfect sense.
Only in your universe.
If you read the article and looked at the table, you'd have noticed that many antivirus programs work 100%. So it obviously is NOT a problem of Android functionality, it's a problem of *****s, fraudsters, and Google's lack of a sense of responsibility.
But I wouldn't expect you to understand that.