According to a new report published by an Austrian antivirus testing outfit AV-Comparatives, two-thirds of all Android antivirus apps fail to pass even the most basic virus detection tests. 170 of the 250 Android antivirus apps on Google Play tested by the organization were found to be a sham (via ZDNet).
The organization’s gruelling testing process considered the 30% detection mark as a threshold between legitimate antivirus apps and those it considered ineffective or downright unsafe.
The tests weren’t even that complicated. The researchers simply installed each antivirus app on a separate device and automated the device to open a browser, download a malicious app, and then install it. They repeated the process 2,000 times for each app, having the test device download 2,000 of the most common Android malware:
AV-Comparatives staffers said that many antivirus apps didn’t actually scan the apps the user was downloading or installing, but merely used a whitelist/blacklist approach, and merely looked at the package names
“Most of the above apps, as well as the risky apps already mentioned, appear to have been developed either by amateur programmers or by software manufacturers that are not focused on the security business,” the AV-Comparatives staff said.
Interestingly, many of these fake antivirus apps have been identified as developed by the same programmer on an assembly line. You can check out the list of all the 250 apps tested at the results page.