Most Android Anti-Malware Apps Don't Offer Any Protection

Share

You will not see this change on apps listed in the Google Play Store for Android TV, Wear OS and Android Auto. Researchers believe that most, if not all of the developers who were using RXDroider were unaware of its deficiencies.

Android adware found its way into as many as 150 million devices - after it was stashed inside a large number of those weird viral mundane job simulation games, we're told.

"Most of the above apps, as well as the risky apps already mentioned, have been developed either by amateur programmers or by software manufacturers not focused on the security business", the AV-Comparatives staff noted.

Once installed, the malicious Simbad SDK phones home and starts embedding itself on the user device to prevent removal, and would start fetching and displaying ads to generate revenue. Apps will have to provide new permissions when targeting Android Q. If an application is targeting Android 9 and lower, the permissions will be automatically added, the company explained. Google is delighted by the innovative location experiences you provide to users through your apps, and Google wants to make this transition as straightforward for you as possible. Unfortunately, some of the most popular apps including Snow Heavy Excavator Simulator (10 million downloads), Hoverboard Racing (five million downloads), and Real Tractor Farming Simulator (five million downloads) were also trapped in this scam. That means a modelling app could be used to create 3D images or support AR photography.

More news: Malaysia rejects call to free Vietnamese accused in Kim Jong Nam killing
More news: Tannehill traded to Titans
More news: James Gunn rehired to direct ‘Guardians of the Galaxy 3’

Only 23 of these apps detected 100% of the malware strains tested.

The tests were straightforward: Open the Google Chrome browser on a clean phone, download a malicious sample, open the.apk Android executable file in the file explorer app, then install and execute it. Sometimes, the reviews can be faked, AV-Comparatives said. "AV Comparative gives an example of JSON - JavaScript Object Notation - a whitelist that includes an entry for ".com.Adobe". The combined total of installations across all apps affected comes out to just short of 150 million downloads, equating to up to that many people having been impacted.

Google has now removed the malicious apps from the Google Play app store but only after potentially millions of devices were infected.

The huge Android userbase has been subject to some high-profile security scares, with the Judy malware arguably the biggest in recent times. In those days, researchers often found malware purporting to be anti-virus applications.

Share