2 in 3 Android anti-malware scanners not up to the job

Two-thirds of Android anti-malware scanners failed to protect against a range of malware in independent tests.

AV-Test put 41 different virus scanners for Android through their paces. Almost two-thirds of these scanners are not yet suitable for use as reliable products, identifying less than 65 per cent of the 618 types of malware tested.

Packages that detected more than 90 per cent of the Android malware thrown at them included Droid security software from Avast, Dr Web, F-Secure, Ikarus, Kaspersky, Zoner and Lookout.

Products that picked up more than 65 but less than 90 per cent of Android malware included applications from established desktop players (AVG, Bitdefender, ESET, Norton/Symantec, QuickHeal, Trend Micro, Vipre/GFI and Webroot) and a couple of mobile specialists (AegisLab and Super Security).

Android security products from Bullguard, Comodo, G Data, McAfee, NetQin and Total Defense fell into the third range (detection of between 40 to 65 per cent). AV-Test said these products generally provided reliable malware protection against a few families, but fell down elsewhere – probably due to inadequate mobile malware sample collection.

A fourth group of Android security products provided detection rates of less than 40 per cent – basically completely unreliable. These products – none of which came from recognised security vendors – generally failed to react even when smartphone users opened well-known Android Trojan, much less detecting anything amiss during a regular scan.

The findings are of concern because of the growth in malware (largely Trojans) targeting Android devices over the last year or so. Threats for Android smartphones include phishing Trojans, banking Trojans, spyware, bots, SMS fraud Trojans, premium diallers and fake installers.

AV-Test reckons there were more than 11,000 strains of Android malware, a figure that has grown exponentially over recent months. The figure only crossed over the 2,000 mark at the end of October 2011. That’s still a tiny fraction of the 10-million-plus Windows malware strains out there, but Android malware is well on track to exceed the volume of Mac-targeting nasties.

“The popularity of the Android system has led to a huge increase in the distribution of Android malware,” Andreas Marx, chief exec of AV-Test explained. “This malware is mainly distributed in markets operated by third parties, but even the Google Android Market cannot guarantee that all of its listed applications do not contain any threats.”

Malware detection of free and paid-for Android scanners from the same vendor was the same. Paid-for Android security suites tend to bundle extra features beyond a basic anti-malware scanner, such as application permission control.

Even if an Android security package performs badly in malware detection it may be useful in other ways, such as remote lock and wipe, backup and phone locating, as AV-Test points out.

More information on the tests, including charts and results, can be found on AV-Test’s website here.

The latest tests, the results of which were published on Tuesday, are a follow-up on previous less comprehensive tests of Android anti-malware scanners carried out by AV-Test last year. These earlier tests found that many free-of-charge antivirus products failed to protect Android smartphone against malware effectively. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/03/07/android_anti_malware_tests/

View full post on National Cyber Security » Virus/Malware/Worms