Fake Antivirus Apps Are Taking Over the Android App Store

fakeantivirusapps-min

Barely a month ago, WannaCry made headlines in the tech sphere along with the many scams associated with it. Many people who just wanted protection from the WannaCry virus instead became victims of criminals who took advantage of the vulnerability of consumers. Authorities across the globe issued warnings and took action against these crimes. But it seems the bad news isn’t over when it comes to fake antivirus apps.

Cyber security company RiskIQ discovered hundreds of Android apps masquerading as antivirus solutions. Unwary Android users who download these apps end up with Trojans, malware, and adware. Some of these fake protection apps claimed themselves as WannaCry shields. But the fact is, WannaCry doesn’t affect mobile phones.

32492cab8d7ea0d9474daa15cd8c32d4
(Image Source: RiskIQ)

Just how bad is it?

When RiskIQ did some research, they found 4,290 active antivirus apps. Out of that number, 525 raised malware alarms. The thought of having one fake antivirus apps for every ten real ones can’t be taken lightly.

191c958e81e45ffc00f1aca91dfab7d5
One of the fake anti-WannaCry antivirus app found by Malwarebytes

One of the fake antivirus apps is the Anti-WannaCry Virus, detected by McAfee in the Google Play Store. It claimed to remove malicious software and the WannaCry virus from a user’s mobile device. It received high reviews, making it appear more legitimate. But McAfee discovered it doesn’t provide any sort of protection at all.

Another example is Ad Security, which was removed from the Google Play Store after a genuine antivirus software identified it as Trojan malware.

06e3b141b117b3b58e248e453ec1d596

RiskIQ pointed out, though, that some of the apps in the blacklist category are possibly false-positives.

But consumers should also remember that there are also hundreds of malicious apps that are not yet detected. Google has a screening process designed to protect your device from harmful apps, but there are still hundreds that make it through to the Play Store.

When researchers searched for “antivirus” in the Google Play Store, they got 655 results, with 131 of these raising flags for blacklisting. When narrowing down the search to antivirus apps which were active, they got 508 results, with 55 of that number fitting the blacklist category. This means that one out of five antivirus apps in the Play Store are potentially harmful to your device.

Even the iStore isn’t spared

One reason why iOS users are loyal is due to the assurance that their Apple devices are better protected from harmful apps and other cyber security threats. However, that doesn’t mean 100% security.

The scam app “Mobile protection: Clean & Security VPN” was removed from the App Store after hacker/developer Johnny Lin discovered and unmasked the dark truth. The app promised to keep iPhones clean, secure, and protected. It got 50,000 downloads from Apple users, some who were fooled by the app and some who were not aware of the expensive monthly fee. It turns out that an estimated 200 users unknowingly automatically renewed their weekly subscription, and ended up paying 99$ a week in fees.

How to Protect Yourself Better from Fake Antivirus Apps

One of the most common tips is to make sure you buy and download apps only from legitimate and reliable stores (Google Play Store for Android, iStore for iOS, Galaxy App Store for Samsung Galaxy owners, and so on). But with some existing loopholes in security and with cyber criminals becoming even more creative, you need additional precautionary measures to give your mobile device a better chance of staying protected.

  1. Be wary of suspicious looking apps. Spelling and grammatical errors should already ring alarms.
  2. Read the reviews. And read as many as you can to get a bigger picture of the pros and cons of the app. Also, don’t just stick to the good ones. Check out low-scoring ones as well. But make sure these are genuine reviews from real users and tech specialists.
  3. Go through the terms and conditions. This is considered a tedious task by most, but it is a necessary one if you want to keep your device secure. Realistically speaking, you may not be able to cover everything word for word, but at least make sure you go over the important sections (such as Privacy and Use of Data).
  4. Get to know the developer a bit more. If you aren’t familiar with any company or an independent developer, do some research by looking for credible social media profiles. They might even have their own website.
  5. Don’t allow your Android device to install apps from unknown resources. Yes, free apps or beta tests have a lot of perks and allow you to enjoy a service without having to pay for it. But you are also exposing your phone to hundreds of harmful apps that can steal your private information, destroy your device, and even cost you money in the end. Go to your Settings > Security > Unknown Source, and make sure the feature is disabled.

Becoming a victim of any type of cyber threat is scary. But don’t allow your better judgment to be clouded by fear. Think and act smart by always checking the legitimacy and credibility of an app, or of any software you allow into your device for that matter.