If you're using an Android device, its important to be aware of the fact that there are around three million Android malware in the wild, many of which your free antivirus app may not be able to detect, research by Quick Heal Security Labs has revealed.
In 2018, the security solutions provider discovered over three million malware that targeted Android devices using various versions of the operating system, providing an indication of how difficult the threat environment has become for billions of Android device users across the world.
Most free antivirus apps for Android are worthless
But what's even worse is that a majority of easily-available and free-to-use antivirus applications for Android are unable to detect or defend against a majority of Android malware out in the wild. Out of the 250 Android antivirus apps tested by Quick Heal, less than 1 in 10 of the apps defended against all 2,000 malicious apps, while over two-thirds failed to reach a block rate of even 30%.
"This goes on to explain that while there are endless Android security apps available in the market, only a small proportion of these can actually provide effective protection against malware attacks. Thus, before consumers can install a security app on their device, it is important to validate its genuineness and level of effectiveness," the firm noted.
"Choosing the right antivirus for Android device could be a tricky decision especially for those with limited knowledge about antivirus. So, the best way to save yourself from fake, ineffective security apps, is to forget the free or cheap AV apps and get into the habit of buying AV apps only from experienced security vendors, who constantly invest into threat research and regularly release the updates for protection against latest threats," it added.
Android malware featuring increased sophistication
The level of sophistication in modern-day malware is such that recently, the Nocturnus Research team at Cybereason discovered a new variant of the Astaroth Trojan which used vulnerabilities in antivirus software to steal passwords and personal data.
Detailed research carried out by the firm revealed that by disguising its payload as JPEG, GIF, and extensionless files, the trojan avoided detection and exploited legitimate operating system processes as well as security vendor products from companies like Avast and GAS Tecnologia to infect thousands of devices.
In order to defend against modern Android malware, not only should mobile device users use antivirus apps published by reputed security vendors, but should also download apps only from official app stores, always keep the ‘Unknown Sources’ disabled on their phones to prevent the installation of apps from unknown sources, avoid apps that ask for unnecessary and invasive permissions, and keep their devices and apps updated with the latest security patches.