Most Android anti-virus software cannot detect malicious APK files

APK file containing malicious code is a method that hackers often use to attack Android users. Unlike iOS, Android users can download and install apps from third-party app stores or download the app's APK file and install it themselves.

This puts Android users at risk of installing malicious apps that can steal sensitive information or lose money in mobile accounts.

Bad guys often design malicious apps to look exactly like popular apps. Moreover, they can also create copies with obfuscated code to hide their evil intentions and bypass the defenses created by security and anti-virus software on Android.

Most Android anti-virus software cannot detect malicious APK files Picture 1 Most Android anti-virus software cannot detect malicious APK files Picture 1

To evaluate the anti-malware capabilities of security and anti-virus software on Android, DroidMorph researchers conducted a detailed test. DroidMorph has created multiple copies of Android apps as APK files, both benign and malicious with varying degrees of obfuscation.

DroidMorph created 1,771 different APK variants for its testing. As a result, 8 out of 17 top antiviruses could not detect any application duplicates. This is a very disappointing result.

LineSecurity, MaxSecurity, DUSEcurityLabs, AntivirusPro, 360Security, SecuritySystems, GoSecurity and LAAntivirusLab are antivirus software that allows APK variants to be installed without any hindrance. Meanwhile, big-name software like AVG, BitDefender, Kaspersky or McAfee have a very good performance when it comes to detecting most APK copies.