Feeds

2 in 3 Android anti-malware scanners not up to the job

Threat test: Droid malware grows 450% in 4 months

SANS - Survey on application security programs

Two-thirds of Android anti-malware scanners failed to protect against a range of malware in independent tests.

AV-Test put 41 different virus scanners for Android through their paces. Almost two-thirds of these scanners are not yet suitable for use as reliable products, identifying less than 65 per cent of the 618 types of malware tested.

Packages that detected more than 90 per cent of the Android malware thrown at them included Droid security software from Avast, Dr Web, F-Secure, Ikarus, Kaspersky, Zoner and Lookout.

Products that picked up more than 65 but less than 90 per cent of Android malware included applications from established desktop players (AVG, Bitdefender, ESET, Norton/Symantec, QuickHeal, Trend Micro, Vipre/GFI and Webroot) and a couple of mobile specialists (AegisLab and Super Security).

Android security products from Bullguard, Comodo, G Data, McAfee, NetQin and Total Defense fell into the third range (detection of between 40 to 65 per cent). AV-Test said these products generally provided reliable malware protection against a few families, but fell down elsewhere – probably due to inadequate mobile malware sample collection.

A fourth group of Android security products provided detection rates of less than 40 per cent – basically completely unreliable. These products – none of which came from recognised security vendors – generally failed to react even when smartphone users opened well-known Android Trojan, much less detecting anything amiss during a regular scan.

The findings are of concern because of the growth in malware (largely Trojans) targeting Android devices over the last year or so. Threats for Android smartphones include phishing Trojans, banking Trojans, spyware, bots, SMS fraud Trojans, premium diallers and fake installers.

AV-Test reckons there were more than 11,000 strains of Android malware, a figure that has grown exponentially over recent months. The figure only crossed over the 2,000 mark at the end of October 2011. That's still a tiny fraction of the 10-million-plus Windows malware strains out there, but Android malware is well on track to exceed the volume of Mac-targeting nasties.

"The popularity of the Android system has led to a huge increase in the distribution of Android malware," Andreas Marx, chief exec of AV-Test explained. "This malware is mainly distributed in markets operated by third parties, but even the Google Android Market cannot guarantee that all of its listed applications do not contain any threats."

Malware detection of free and paid-for Android scanners from the same vendor was the same. Paid-for Android security suites tend to bundle extra features beyond a basic anti-malware scanner, such as application permission control.

Even if an Android security package performs badly in malware detection it may be useful in other ways, such as remote lock and wipe, backup and phone locating, as AV-Test points out.

More information on the tests, including charts and results, can be found on AV-Test's website here.

The latest tests, the results of which were published on Tuesday, are a follow-up on previous less comprehensive tests of Android anti-malware scanners carried out by AV-Test last year. These earlier tests found that many free-of-charge antivirus products failed to protect Android smartphone against malware effectively. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.