If you needed any more convincing that downloading free apps onto your Android device from unknown developers might need a rethink, then maybe a new report from VPNpro might provide a further push in the right direction. The firm’s latest research has exposed six free and “potentially dangerous” antivirus apps which “have a total of 1.66 billion downloads already in the Google Play store” and which have resulted in “users putting themselves and all the precious data on their phones at risk.”
The warning focuses on the “dangerous permissions” these so-called security apps garner from target users—almost none of which are actually needed by an antivirus app. But if you’re generating a financial return by abusing user privacy then those permissions are spot on: “Permissions like knowing where you are at all times, being able to use your camera, and even using your phone without your knowledge.”
You can’t fault the irony here—a user sets out to do the right thing, downloading a security app having seen increasing numbers of Android malware scare stories, and then downloads a free app from a rogue developer. VPNpro cites the examples of Virus Cleaner, Security Master and Clean Master, which it says “have been found guilty of these malicious activities in the past—but are still available on Google Play and amassing millions of installs every month.” Google was approached for any comments on this report before publishing.
The advice here is pretty obvious. If you’re going to download any app, but especially a security related one, then go for a well known brand that you are familiar with. Free apps are free for a reason—if you’re not paying for it, then someone else is. If you like dabbling in detail, then you can assess the permissions you’re being asked to grant and pick and choose (if that’s an option). More realistically, just avoid those apps.
There are of course permissions that antivirus apps do need in order to function: Accessing the internet to pull down virus data, reading and writing to storage to find and deal with dangerous files. But other requested permissions the researchers found included accessing the camera and the microphone, recording audio, even making calls. Abusive permission requests for smartphone apps has now become a prevalent issue. “In general,” VPNpro warns, “antivirus apps requesting a large amount of dangerous permissions can seem quite suspicious, and we recommend caution.”
I would would go further—avoid all of these apps completely. They are listed at the end of this article.
VPNpro examined the 15 most popular free antivirus apps—all of which appeared in the top 30 overall and which had more than 2 billion downloads between them. Unsurprisingly, 12 of those 15 apps were based in China or Hong Kong. Well known rogue apps and developers appeared in the list, including Cheetah Mobile, which I’ve covered before. A neat summary of the way in which users are being tricked and manipulated is that “three separate developers share the same Hong Kong address.” The six “worst offenders” with the most installs are highlighted here:
The apps averaged six dangerous permission requests each—that’s six different ways to abuse your trust and your privacy with the potential to cause you harm.
The report highlights the harvesting and exfiltration of user location information as an especially lucrative business model for the rogue developers, “requested by 9 out of the 15 antivirus apps analyzed—using GPS coordinates, cell data, and/or wifi to reveal users’ locations… pinpointing users to within a few meters.” This data is then farmed out to marketing companies who can use the combination of location and user identity to target ads and track our movements—feeling violated yet?
This isn’t the worse of it. With the permissions granted here apps can gather up user data and send it back to their handlers, they can launch websites, deliver fraudulent ads, even make premium calls or engage in subscription fraud. “In total,” the report warns, “the amount of malicious or lucrative things that can be done with user data is staggering, and often only limited by fraudsters’ or marketing companies’ creativity.
Here are the apps. Needless to say, if you have any of the apps you should delete them from your device right away. They could be seriously bad for your health.
- Security Master – Antivirus, VPN, AppLock, Booster (500 million installs – permissions include location, camera, contacts, audio, phone ‘state’)
- Antivirus Free 2019 – Scan & Remove Virus, Cleaner (10 million installs – permissions include location, phone, camera, contacts, phone ‘state’)
- Virus Cleaner 2019 – Antivirus, Cleaner & Booster (50 million installs – permissions include location, camera, phone, contacts, phone ‘state’)
- Virus Cleaner, Antivirus, Cleaner (MAX Security) (50 million installs – permissions include location, camera, phone, contacts, phone ‘state’)
- Super Phone Cleaner: Virus Cleaner, Phone Cleaner (50 million installs – permissions include location, phone, camera, contacts, phone ‘state’)
- Clean Master – Antivirus, Applock & Cleaner (1 billion installs – permissions include location, camera, phone ‘state’)