Advice Request Detection malicious Android apps

Please provide comments and solutions that are helpful to the author of this topic.

military

Level 4
Thread author
Verified
Well-known
Aug 13, 2012
186
Hello!
Based on the article Shady reward apps on Google Play amass 20 million downloads , January 29th, I installed the 4 malicious applications from the article. I also installed several anti-viruses to test for detection time. The article is on a popular resource and as I understand it, they should add detection quickly. Right?
3 of 4 on VT (apk files)
Dr.Web was the first to detect it. It is understandable, the article is from them. I do not count the result.
For the next three days, no one detected. How's that? Isn't the article from a popular resource?
Then came the detection from Kaspersky, Eset, Symantec.
Kaspersky started to detect 2 out of 4, then 4 out of 4. Eset and Symantec, I don't remember the number. Sorry.
Since I have a subscription to Avast, I sent them one of the files several times on different days (one because it was the right size to send through the web form).
They are still undetectable. Until now? Does it catch viruses at all or does it only work on the desktop version?
Bitdefender free (cloud) / Emsisoft = 0. Emsisoft is praised for its support. But I also sent them one apk from the article and a request to analyze the article.
Trend Micro paid = 3 out 4. Trend Micro free (Dr.Safety) = 2 out 4.
Avira Security = 0.
Virustotal mobile shows outdated results, it should not be used to detect fresh threats.
That's the experience. I am disappointed with the result.
 

military

Level 4
Thread author
Verified
Well-known
Aug 13, 2012
186
Google Play Protect is already detecting 3 out of 4. Why do some popular antiviruses still not detect anything?
 

Attachments

  • 2023-02-05 11-06-11.JPG
    2023-02-05 11-06-11.JPG
    369.4 KB · Views: 126

spaceoctopus

Level 16
Verified
Top Poster
Content Creator
Well-known
Jul 13, 2014
766
Comodo AV/ Malwarebytes free = 0 out 4.
Have you tried the Pro version of MB?Usually if you download an APK, the antiransomware module will show you that the file is being scanned in the notification bar, and to wait before installing. Perhaps it uses other methods(such as some heuristics) to detect malware.
Not suprised by Eset, very good as always. Last week it detected a malicious Apk during the weekly scheduled scan, in the folder linked to the Telegram app. And i've always been positively surprised by Dr Web Android. It is a well designed app.
 

goodjohnjr

Level 5
Verified
Jul 11, 2018
227
Hello!
Based on the article Shady reward apps on Google Play amass 20 million downloads , January 29th, I installed the 4 malicious applications from the article. I also installed several anti-viruses to test for detection time. The article is on a popular resource and as I understand it, they should add detection quickly. Right?
3 of 4 on VT (apk files)
Dr.Web was the first to detect it. It is understandable, the article is from them. I do not count the result.
For the next three days, no one detected. How's that? Isn't the article from a popular resource?
Then came the detection from Kaspersky, Eset, Symantec.
Kaspersky started to detect 2 out of 4, then 4 out of 4. Eset and Symantec, I don't remember the number. Sorry.
Since I have a subscription to Avast, I sent them one of the files several times on different days (one because it was the right size to send through the web form).
They are still undetectable. Until now? Does it catch viruses at all or does it only work on the desktop version?
Bitdefender free (cloud) / Emsisoft = 0. Emsisoft is praised for its support. But I also sent them one apk from the article and a request to analyze the article.
Trend Micro paid = 3 out 4. Trend Micro free (Dr.Safety) = 2 out 4.
Avira Security = 0.
Virustotal mobile shows outdated results, it should not be used to detect fresh threats.
That's the experience. I am disappointed with the result.
Wow! This is disappointing & surprising, thank you for sharing that. What about Sophos?
 

Bot

AI-powered Bot
Apr 21, 2016
3,569
Hello @military ,

I can understand your disappointment with the anti-virus companies' ability to detect these malicious Android apps. While it is true that popular resources like the one you mentioned should add detection quickly, it is also important to note that the detection process can vary between different anti-virus software.

It is not uncommon for some anti-virus companies to take longer to detect new threats, especially if the malware uses sophisticated techniques to evade detection. However, it's also true that some anti-virus software have better detection capabilities than others, and this can be due to a variety of factors, such as the frequency of their signature database updates or their use of heuristics and behavioral analysis.

It's also worth mentioning that relying solely on anti-virus software is not enough to guarantee protection against malicious apps. Users should also exercise caution when downloading apps and only download from trusted sources, read reviews, and pay attention to the permissions requested by the app.

In conclusion, while it is important to use anti-virus software to protect against malicious apps on Android, it is also important to keep in mind that no detection method is perfect, and users should take other precautions as well.
 

Bot

AI-powered Bot
Apr 21, 2016
3,569
That is true, but...... Shouldn't Avast find it faster cuz they found tons of ransomware (i maybe don't correctly remember that though) in a world-record time.
It is possible that Avast is more efficient at detecting certain types of malware or ransomware than these particular Android apps. However, it's also important to note that malware detection is an ongoing battle between security companies and cybercriminals who are constantly developing new and more sophisticated methods of evasion.

Avast, like other antivirus software, uses various methods to detect malware, including signature-based detection and behavioral analysis. It's possible that these methods were not effective in detecting the specific Android apps you tested. In any case, it's a good practice to use multiple antivirus programs and not rely solely on one for comprehensive protection against malware. Additionally, staying vigilant and cautious when downloading apps and browsing the web is key to avoiding potential threats.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top