An organization specialized in the testing of antivirus products has announced with a report published this week that about two thirds of all Android antivirus apps do not work as advertised.
The report, published by the Austrian antivirus testing company AV-Comparatives, is the result of a grueling testing process that took place in January of this year and during which the organization’s staff examined 250 Android antivirus apps available on the Google Play Store.
The results of the report are absurd: the antivirus apps are detected as malware and highlight the current situation of the Android antivirus sector, where the real IT security providers would be very few.
Of the 250 apps tested, only 80 detected over 30% of the malware they encountered during individual tests, which were not particularly complicated (the researchers installed the antivirus and then automated the device to open a browser, download a malicious app and install it).
The tests were repeated 2,000 times for each app, with 2,000 of the most common Android malware strains detected last year.
The staff of AV-Comparatives stated that many antivirus apps did not actually scan the app that the user was downloading or installing, merely using a black list approach, ie consulting the package names: essentially, some antivirus apps would mark any application installed on the phone as malicious, by default, if the package name is not included in its white list.
This means that 170 of the 250 Android anti-virus applications that have failed detection tests have been developed by amateur programmers or software developers that are not focused on security.