Most Android Antivirus Useless: Report

John Lister's picture

A new report claims most Android "antivirus" apps don't provide enough protection to justify that term. It says two-thirds of the antivirus programs were so ineffective, they were practically useless.

The report comes from AV-Comparatives, a website that tests antivirus and other security software. It says it was inspired to look at Android apps after spotting one that literally did nothing but show a fake progress bar before saying no malicious apps were present (without actually carrying out a scan).

The test involved putting 250 different Android antivirus apps to work on Samsung Galaxy S9 devices. Each ran 2,100 times. In 2,000 of the cases the device was laced with a different variant of the 250 most common malicious apps recorded during 2018. In the remaining 100 cases the device was completely clean of malware. (Source: av-comparatives.org)

Only One In Ten Had Perfect Record

138 of the tested apps failed to meet the very low bar set by the testers: that the app detected at least 30 percent of the malicious apps and that it didn't give any false positives by "detecting malware" when the phone was actually clean. The testers said these apps should be considered ineffective and unsafe.

The tester also notes that only 80 of the apps which did meet this threshold should still be considered effective and safe, including 23 which had a 100 percent detection rate.

Antivirus Apps Label Self as "Risky"

The remaining 32 passed the test but shared a common flaw in the way they worked. The problem was that they used a "whitelist" approach, which meant that any apps with an installation package whose name was on the list were automatically considered safe.

That said, the whitelisting approach has two major flaws: one is that scammers can create a malicious app, then name it with a bogus installation package name to make it look legit. The other is that the approach risks false positives: in some cases the supposed antivirus app even labeled itself as unsafe.

False positive are a big problem as they lead users to become less trusting of security software and potentially ignore warnings about genuine threats. AV-Comparatives said the best bet is to stick to established, reputable antivirus developers. It noted that reviews in Google Play store are often fake, and often users of ineffective antivirus apps will give a good rating, despite not knowing whether the app is really working well. (Source: independent.co.uk)

The list of Apps that Passed and Failed

For a full list of apps which passed and failed, please review the report.

We are purposely not including the list of apps in this article because (a) most apps listed in the report have almost zero reputation and will likely disappear from the list over time anyway; (b) the lists are far too large and would take up too much space in this article, and (c) we have our own opinion on what should be considered as safe (because we know you're going to ask!), listed directly below in the next section "Our Recommendation for Antivirus on Mobile Devices".

Our Recommendation for Antivirus on Mobile Devices

As suggested, the report listed 80 security apps as detecting 30% of malicious programs on devices which had zero false positives. For the full list, please read the report. Of those 80 apps, Infopackets.com considers the following as having a reputable brand, should you decide to install antivirus on your phone or tablet:

MalwareBytes Anti-Malware, Avast Mobile Security, AVIRA Antivirus, Panda Free Antivirus and VPN, Bitdefender Mobile Security & Antivirus, Comodo Mobile Security, Samsung Device Maintenance, Dr.Web Security Space, Sophos Mobile Security, Emsisoft Mobile Security, ESET Mobile Security & Antivirus, F-Secure Internet Security & Mobile Antivirus, Symantec Norton Security, Google Play Protect, Trend Micro Mobile Security & Antivirus, Kaspersky Lab Mobile Antivirus, Webroot Mobile Security & Antivirus, and McAfee Mobile Security.

With that said, Infopackets.com does not generally recommend installing antivirus / antimalware apps on an Android or iOS mobile device simply because the security of the operating system is usually extremely tight, providing the device is up to date.

It is our opinion that antivirus / antimalware apps would only decrease battery usage (requiring too much CPU power to operate to be effective) and should only be installed if and only if the user believes their phone may be infected.

In such cases, our #1 pick is Malwarebytes Antimalware ("MWB") - but, once again - ONLY if you believe you are infected. We then suggest uninstalling MWB after doing a full scan, so that it does not continually occupy resources or drain the battery. We do not feel that MWB (or similar apps for that matter) need to run 24/7 on the phone or tablet (potentially draining resources), nor do you need to pay for a subscription to stay "safe". It is a fact that most "protection" offered by antivirus and antimalware are often overboard and serve only to slow the device down (and drain the battery). This same statement is also true for PCs.

In severe cases, a phone reset should provide the best "protection" should a phone or tablet become compromised, and if MWB or similar programs cannot remove an infection.

This is our professional opinion on the matter - you are welcome to interpret this information however you like.

What's Your Opinion?

Do you use Android antivirus software? Are you surprised so many tools performed so badly? How do you verify that antivirus tools are reliable?

Rate this article: 
Average: 5 (15 votes)

Comments

Carlos T.'s picture

I currently use Kaspersky Internet Security for Android. No claims about it.

dbrumley3077's picture

I have used Avira and Malwarebytes (the free versions) on my Windows computers for quite some time. I am careful about downloads and the sites I visit. I run full scans of my hard drives about once a month. On my last scan, the only thing found was 2 PUPs that were not considered malicious, which were removed. I am taking your advice concerning these types of programs on my smartphone. Thanks for the information.