Do Android Antivirus Apps Actually Do Anything?

If you've been watching tech news headlines over the past week, you've likely heard that Android malware is growing at an alarming rate, up something like 472 per cent from May of this year. Should you be worried and run off to purchase and install an antivirus package for your Android phone? Not so fast; there's just as much controversy over those utilities as there is over the malware itself.

Yes, Malware for Android Is Real, And It's Growing

The one thing that can't be refuted is that the amount of malware for the Android platform has skyrocketed. After all, it's only natural for malware authors to target one of the most popular and fastest growing mobile platforms. Juniper's Global Threat Center, the group that created the report and the infographic that's been raising eyebrows points out that the flood of Android malware can be broken into two categories.

  • SMS Trojans. SMS Trojans operate in the background of normal applications, sending SMS messages to premium rate numbers, or numbers that charge you each time an SMS is sent to them. In the same way you can send an SMS message to a specific number to vote on a television show (and conveniently pay a modest fee for sending that massage), these trojans send messages to numbers — often international — owned by the attacker. In fact, you don't even notice the unusual behaviour until you review your phone bill, or check your account to see if there's been recent SMS activity. Of course, by the time you see it, the messages have already been sent, and your account has already been billed. SMS trojans account for just under half of all Android malware.
  • Spyware. The lion's share of Android malware is actually spyware. Just over half the known examples are applications that access have deep access and permissions to your system, or which exploit vulnerabilities in Android to gain root access to the device, collect information about the device and the user, and then send it back to the app's developer.

Juniper isn't the only security research firm that has highlighted the threat. A new report from McAfee, highlighted over at Neowin, says the same thing. Both research firms say that the bulk of the malware is being written by the same authors who were responsible for similar attacks against old Windows Mobile and Symbian devices years ago. In essence, it's not that Android has suddenly drawn in a new generation of malcontents, but that the older, more vulnerable platforms aren't as interesting anymore.

No, Mobile Anti-Malware Utilities For Android Are Not Perfect

To combat the mobile malware threat, a number of security firms have released their own utilities designed to keep you safe. Researchers will tell you that you need some kind of protection to keep your phone and the data on it safe and secure. That may be true, but not everyone is taking research firms like Symantec, McAfee and Juniper at their word. Google's Chief Evangelist, Chris DiBona, called out researchers for being charlatans and scammers and accused them of peddling "scareware". Admittedly, DiBona isn't exactly an impartial observer, but there may be something to his concerns.

DiBona notes that even though there has been a rise in malware for the Android platform, there has yet to be an open and spreading infection among Android devices, the same way we've seen with desktop computers. Part of the issue is that there's no simple transmission method between mobile devices in the wild. Despite DiBona's concerns, security researchers point out that mobile devices are essentially handheld computers, and that they carry a great deal of information about us that identity thieves would consider valuable.

At the same time, security products available for Android don't offer the same level of protection that desktop security tools offer. There's no active scanning of files or applications that enter memory, or regular checking of applications that are downloaded and installed. You can't just install a mobile security suite on your Android phone and assume you'll be safe regardless of what you do. Until security tools mature, the real weapon you have against Android malware is common sense. Don't install applications from unusual or suspicious sources, avoid installing apps from the Android market or other trusted markets, and evaluate the permissions required by the apps you install before you install them or allow them to auto-update. Keep a close watch on your SMS and data activity even in between billing cycles, and raise any issues to your carrier as soon as you see them.

The Verdict

Well, the question we started with was: Does Android antivirus apps actually do anything? The simple answer is yes. They can be helpful, even if they're not bulletproof or even as protective as their desktop counterparts are. There's a ton of Android malware out there, but the upside to the whole affair is that it's not terribly easy to get, if you use your phone normally. Also, even if the malware threat to Android is a bit overinflated right now, security companies that are eager to sell you an antivirus package or app for your mobile device are at least providing a partially useful service.

Even if their apps aren't ready for prime time to combat malware in the wild, they do give you other useful tools, like remote tracking or data wipe if your phone has been lost or stolen, backup for all of your files and data and more. At the same time, some apps have those same features for free. If you've installed Norton Mobile Security or McAfee Wavesecure, there's no need to uninstall it and ask for your money back. The utilities will only get better with time. Still, keep in mind that no mobile security app is a replacement for common sense.


Comments

    Time for Google to include there own Anti-Malware/Virus? Microsoft has deemed this the way to go for Windows, so I would expect Google would follow suit - or they could at least start at the source - scan and auto-remove this crap from the Android Market.

    I suppose this is the topic of a future article, but what is the best software out there to do this already? Looking for the MS Security Essentials of Android...

    I still maintain my stance of running my phone without "virus" protection. In my experience, any anti-virus apps I have installed have dramatically affected the performance of my phone, and in the time I used a variety of them not a single one reported any threat.

    Ultimately, it comes down to being sensible about how you use your phone. Review app permissions prior to installing (Google have made their permissions page pretty bloody straightforward, if you can't be arsed reading them then it's your own problem), avoid apps that LOOK dodgy and are poorly translated, and be conscious of what and whom your phone interacts with.

    Battle Scarred :)
    ------------

    Hi - is it just apps that can get malware/viruses/spyware? I find it a touch annoying how most android scanners just scan your apps.

    I'm sure there are web-page-nasties, for example malicious java scripts , which attempt to infect whoever is visiting that web page . I have 3 android devices, recently one lost the internet connection after going to a innocent website and then very soon after that phone went into a boot screen loop. A lot of websites harbor bad code and I believe on some of these the android can get affected, probably more so if its rooted. I don't know enough about malware code to offer some good evidence on how androids can be affected/infected............

    I use McAfee Wavesecure which, as mentioned, has additional features apart from the normal virus/malware detection. The best feature I liked was the package scan before and after installs. Not to mention the scan once you restart your device. Initially they called it McAfee Mobile Security and then in between started up-selling Wavesecure to all the users. An annual membership will cost you around $20. I reckon its totally worth it.

    "...avoid installing apps from the Android market or other trusted markets,..."

    where are you supposed to install them from then, if not the Android market (or other trusted markets)??

      He means side loading - as in downloading an APK from a website/torrent and installing it direct to your phone.

    Again with this baseless % increase in 'malware' Juniper nonsense.

    Go read the McAfee report for a bit of context. There were less than 100 Android malware samples collected by McAfee in Q3 2011, that's a tad over one a day.

    What proportion of additions to the app catalogue is that? - 0.001% (based on 30,000 new apps a month), that's a thousandth of one percent.

    Thats one fifth of the odds of dying from slipping in the bath or shower or the same odds of finding a 4 leaf clover on the first attemp.

    Please, stop posting these bullshit 'stories' and provide some factual perspective.

    "avoid installing apps from the Android market or other trusted markets"

    So... no installing any apps at all then? Why get a smartphone at all?

    There must be something missing here, but I'm not sure just what.

    @ jubal1, Thank you for some perspective. I died in the shower just yesterday, but it was only "the little death", so all good as far as I'm concerned! (please don't judge me ;) )

Join the discussion!

Trending Stories Right Now