AV-Comparatives test reveals two third of AV on Google Play are bogus

AV-Comparatives, an Australian Independent organization that tests and assesses antivirus software, recently have published a report by checking the effectiveness of 250 AV engine from the Google Chrome. According to the report, two third of the apps are totally useless and are falsely advertised.

 On their test, the AV-Comparatives used 2000 Android malware and 250 AV engine from Google Play store. It is surprisingly to know that only 1 out of 10 apps show 100% detection to the malware. Two third and more are those apps who do not even pass the basic threshold of just 30%. According to the report of AV-Comparatives, most bogus AV engines are just being made for monitory gain; their developers have not much experienced how to create reliable security:

Most of the above apps, as well as the risky apps already mentioned, appear to have been developed either by amateur programmers or by software manufacturers that are not focused on the security business. Examples of the latter category are developers who make all kinds of apps, are in the advertisement/monetization business, or just want to have an Android protection app in their portfolio for publicity reasons.

How they come to the result?

AV-Comparatives select 2000 malware sample of the most prominent malware of 2018 such as Trida, Lokibot and Hiddad. The test was done with the help of automated testing framework so that the testing would be provided a realistically simulates real-world conditions.

As it mentioned, they select the basic threshold of jut 30% to declare an app to pass the test. Only 80 out of 250 apps from Google Play pass the test. Out of those 80, 23 are those who detect all the malware samples.  Some of the name that hit 100% detection to the malware includes Avira, Sophos, Emsisoft, ESET, BItdefender, McAfee and others. Some of the apps which give 99% malware detection were Malwarebytes, CheckPoint and VIPRE.

AV-Comparatives found that the reason behind the low scoring apps is that the authors are not professional. Some authors just use the name of some high vendors’ title to grab the attention, however fail to create a reliable security software and their detection rate is quite low than that of the original software.

AV testing lab report suggests using verified and well known apps:

 <…> we recommend using only apps of well-known, verified and reputable vendors. As well as participating in tests by independent test institutes, such vendors will have a professional website with contact information and a privacy policy. It should also be possible to try the app – typically a few weeks’ trial use is allowed – before purchasing. Users can then assess the usability and any additional features of the product. 

Bogus AV engines are also on Google Play

AV-Comparatives revealed on their report that the apps which fail to cross the 30% marks on the test are scam. Reputable AV engines analyze the codes of these bogus apps.

These bogus apps do not scan anything. They deliver advertisements and make the developers to generate revenue. Users complained about various pop-ups, banners and other unwanted ads by these apps. However, they are using because of their unawareness where the ads are coming from.

Google is trying to remove unwanted apps from the list. The AV-Comparatives 2019 Android Test provides the list of some more apps that should be removed.