Advice Request Detection malicious Android apps

Please provide comments and solutions that are helpful to the author of this topic.

military

military

Level 4
Thread author
Verified
Well-known
Aug 13, 2012
186
Hello!
Based on the article Shady reward apps on Google Play amass 20 million downloads , January 29th, I installed the 4 malicious applications from the article. I also installed several anti-viruses to test for detection time. The article is on a popular resource and as I understand it, they should add detection quickly. Right?
3 of 4 on VT (apk files)

VirusTotal

VirusTotal
www.virustotal.com www.virustotal.com

VirusTotal

VirusTotal
www.virustotal.com www.virustotal.com

VirusTotal

VirusTotal
www.virustotal.com www.virustotal.com
Dr.Web was the first to detect it. It is understandable, the article is from them. I do not count the result.
For the next three days, no one detected. How's that? Isn't the article from a popular resource?
Then came the detection from Kaspersky, Eset, Symantec.
Kaspersky started to detect 2 out of 4, then 4 out of 4. Eset and Symantec, I don't remember the number. Sorry.
Since I have a subscription to Avast, I sent them one of the files several times on different days (one because it was the right size to send through the web form).
They are still undetectable. Until now? Does it catch viruses at all or does it only work on the desktop version?
Bitdefender free (cloud) / Emsisoft = 0. Emsisoft is praised for its support. But I also sent them one apk from the article and a request to analyze the article.
Trend Micro paid = 3 out 4. Trend Micro free (Dr.Safety) = 2 out 4.
Avira Security = 0.
Virustotal mobile shows outdated results, it should not be used to detect fresh threats.
That's the experience. I am disappointed with the result.
 
  • Like
Reactions: Zero Knowledge, goodjohnjr, Gandalf_The_Grey and 6 others
military

military

Level 4
Thread author
Verified
Well-known
Aug 13, 2012
186
Google Play Protect is already detecting 3 out of 4. Why do some popular antiviruses still not detect anything?
 

Attachments

  • 2023-02-05 11-06-11.JPG
    2023-02-05 11-06-11.JPG
    369.4 KB · Views: 122
  • Like
Reactions: goodjohnjr, Gandalf_The_Grey, cryogent and 2 others
spaceoctopus

spaceoctopus

Level 16
Verified
Top Poster
Content Creator
Well-known
Jul 13, 2014
766
military said:
Comodo AV/ Malwarebytes free = 0 out 4.
Click to expand...
Have you tried the Pro version of MB?Usually if you download an APK, the antiransomware module will show you that the file is being scanned in the notification bar, and to wait before installing. Perhaps it uses other methods(such as some heuristics) to detect malware.
Not suprised by Eset, very good as always. Last week it detected a malicious Apk during the weekly scheduled scan, in the folder linked to the Telegram app. And i've always been positively surprised by Dr Web Android. It is a well designed app.
 
  • Like
Reactions: military and vtqhtr413
goodjohnjr

goodjohnjr

Level 5
Verified
Jul 11, 2018
230
military said:
Hello!
Based on the article Shady reward apps on Google Play amass 20 million downloads , January 29th, I installed the 4 malicious applications from the article. I also installed several anti-viruses to test for detection time. The article is on a popular resource and as I understand it, they should add detection quickly. Right?
3 of 4 on VT (apk files)

VirusTotal

VirusTotal
www.virustotal.com www.virustotal.com

VirusTotal

VirusTotal
www.virustotal.com www.virustotal.com

VirusTotal

VirusTotal
www.virustotal.com www.virustotal.com
Dr.Web was the first to detect it. It is understandable, the article is from them. I do not count the result.
For the next three days, no one detected. How's that? Isn't the article from a popular resource?
Then came the detection from Kaspersky, Eset, Symantec.
Kaspersky started to detect 2 out of 4, then 4 out of 4. Eset and Symantec, I don't remember the number. Sorry.
Since I have a subscription to Avast, I sent them one of the files several times on different days (one because it was the right size to send through the web form).
They are still undetectable. Until now? Does it catch viruses at all or does it only work on the desktop version?
Bitdefender free (cloud) / Emsisoft = 0. Emsisoft is praised for its support. But I also sent them one apk from the article and a request to analyze the article.
Trend Micro paid = 3 out 4. Trend Micro free (Dr.Safety) = 2 out 4.
Avira Security = 0.
Virustotal mobile shows outdated results, it should not be used to detect fresh threats.
That's the experience. I am disappointed with the result.
Click to expand...
Wow! This is disappointing & surprising, thank you for sharing that. What about Sophos?
 
  • Like
Reactions: spaceoctopus and military
Bot

Bot

AI-powered Bot
Verified
Apr 21, 2016
3,440
Hello @military ,

I can understand your disappointment with the anti-virus companies' ability to detect these malicious Android apps. While it is true that popular resources like the one you mentioned should add detection quickly, it is also important to note that the detection process can vary between different anti-virus software.

It is not uncommon for some anti-virus companies to take longer to detect new threats, especially if the malware uses sophisticated techniques to evade detection. However, it's also true that some anti-virus software have better detection capabilities than others, and this can be due to a variety of factors, such as the frequency of their signature database updates or their use of heuristics and behavioral analysis.

It's also worth mentioning that relying solely on anti-virus software is not enough to guarantee protection against malicious apps. Users should also exercise caution when downloading apps and only download from trusted sources, read reviews, and pay attention to the permissions requested by the app.

In conclusion, while it is important to use anti-virus software to protect against malicious apps on Android, it is also important to keep in mind that no detection method is perfect, and users should take other precautions as well.
 
  • Like
Reactions: Jack, roger_m and military
Bot

Bot

AI-powered Bot
Verified
Apr 21, 2016
3,440
nigga_thepcrecoverer22 said:
That is true, but...... Shouldn't Avast find it faster cuz they found tons of ransomware (i maybe don't correctly remember that though) in a world-record time.
Click to expand...
It is possible that Avast is more efficient at detecting certain types of malware or ransomware than these particular Android apps. However, it's also important to note that malware detection is an ongoing battle between security companies and cybercriminals who are constantly developing new and more sophisticated methods of evasion.

Avast, like other antivirus software, uses various methods to detect malware, including signature-based detection and behavioral analysis. It's possible that these methods were not effective in detecting the specific Android apps you tested. In any case, it's a good practice to use multiple antivirus programs and not rely solely on one for comprehensive protection against malware. Additionally, staying vigilant and cautious when downloading apps and browsing the web is key to avoiding potential threats.
 
  • Like
Reactions: nigga_thepcrecoverer22

Similar threads

M
    • Like
Question Adobe Reader DC False positives by ClamAV and Google
Replies
4
Views
303
Other security for Windows, Mac, Linux
Mops21
M
L
    • Like
    • +Reputation
    • Thanks
Question Steamunlocked malware?
Replies
41
Views
3,873
Malware Analysis
struppigel
struppigel
L
    • Like
    • +Reputation
Malware Analysis Tricky adware or malicious ?
Replies
10
Views
930
Malware Analysis
likeastar20
L

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top