A security firm has found hundreds of apps that purport to protect mobile devices are actually malware.
Given the amount of mobile malware doing the rounds, it seems prudent to use some kind of security software, especially on Android phones and tablets.
But security firm RiskIQ has found hundreds of examples of apps that purport to protect mobile devices, yet are themselves Trojans, adware or other types of malware.
Of more than 4,200 currently available antivirus apps, 525 are blacklisted by VirusTotal, which means at least one bona fide vendor has flagged them as malicious.
Android users are often counselled to limit their app acquisitions to those in Google Play, and that is slightly safer when it comes to antivirus tools. Of the 508 apps available there, 55 are blacklisted. That's 10.8 percent compared with 12.2 from all sources.
RiskIQ cautions that not every blacklisted app is malicious, and that many malicious apps aren't blacklisted. But “if a trusted AV vendor flags an app, or multiple AV vendors flag an app, it may be worth further review.”
The company offers the following (paraphrased) tips when looking for a mobile antivirus app:
- Restrict yourself to official stores, particularly Google Play.
- Review the permissions requested (always wise, but it does require some awareness of the permissions required for an app to do its stated job).
- Make sure the developer's email address is not a free email service such as Gmail or Hotmail.
- Read the app description: grammatical and spelling errors are a warning sign.
- When possible, check the app against known blacklists such as VirusTotal.
An antivirus app discovered on a third-party app store with its
associated VirusTotal hits on the right. Source: RiskIQ.
That last point leaves us thinking that if you're going to trust the vendors whose AV products are used by Google-owned VirusTotal, doesn't it make sense to simply buy a product from one of those familiar brands rather than an app from someone you've never heard of?
