Two-Thirds of Android Antivirus Apps Are Total BS

Most of the Android antivirus apps in the Google Play store are a complete waste of time and money, and some even make your phone more likely to be infected by malware, a new study finds.

Credit: Benny Marty/Shutterstock

(Image credit: Benny Marty/Shutterstock)

Austrian antivirus-testing lab AV-Comparatives tested 250 antivirus apps in Google Play against 2,000 malware samples. They found that only 80 of the apps could stop even a minimal amount of malware.

"Less than one in 10 of the apps tested defended against all 2,000 malicious apps, while over two-thirds failed to reach a block rate of even 30 percent," the lab said in a press release.

To make sure you're protecting your Android device properly, stick to apps from well-known antivirus companies.

Basically, AV-Comparatives said, most Android antivirus apps are phony, and many of them seemed to have been created only to display ads or promote a developer's career.

"The main purpose of these apps seems to be generating easy revenue for their developers, rather than actually protecting their users," the AV-Comparatives report said.

Twenty-three apps did detect all malware samples AV-Comparatives threw at them, including Tom's Guide's top three picks: Bitdefender Mobile Security, Norton Mobile Security and Avast Mobile Security.

Our sixth-place pick, Psafe DFNDR, was also in the 100-percent category, although AV-Comparatives noted that DFNDR used Avast's antivirus engine and had not updated itself to run properly on Android 8 Oreo and later. Lookout Mobile Security, our No. 5 pick, was a little behind the others with 99.6 percent. (Google's own Play Protect antivirus software did poorly, with a detection rate of only 69 percent.)

But Cheetah Mobile, which makes CM Security Master, our No. 4 choice, was listed among the 138 vendors whose antivirus apps "detected less than 30 percent of the Android malware samples, or had a relatively high false alarm rate on popular clean files from the Google Play Store." As a result of these findings, we are re-evaluating CM Security Master and its place in our rankings.

AV-Comparatives said certain apps "whitelisted" apps from specific third-party developers, including Adobe, Facebook, Twitter, WhatsApp, Instagram and Google itself, so that those well-known apps would not be falsely detected as malware. But that also meant that malware developers could sneak apps past the antivirus app by simply including the name of any whitelisted developer in the name of their app.

"The risky 'AV apps' block almost all other apps, regardless of whether they were installed from the official Google Play Store or not," the report says. "Some of them do not even bother to add their own packages to their whitelists, causing them to report their own app."

Paul Wagenseil

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.