11 Dec 2012

Built-in Android AV Fends off Only 15% of Known Malware


One of the biggest additions to the brand-new Android 4.2 is the built-in application verification service that is supposed to detect and block  malicious or potentially harmful code snuck into user applications.

However, a study by researchers at NC State University reveals that Google’s antivirus solution detects roughly 15 percent of existing threats designed for Android. In contrast, third-party Android security solutions detected between 51% and 100% of the test samples. The test ran 1,260 samples known to be malicious on a Google Nexus 10 tablet, but Android only detected 193 of them.

The increasing popularity of Android over the past two years has attracted unwanted attention from malware authors, who take advantage of the operating system’s open architecture and ease to reverse-engineer applications to infect users. At the moment, there are roughly 30,000 known samples of Android malware.

“By introducing this new app verification service in Android 4.2, Google has shown its commitment to continuously improve security on Android,” said associate professor of computer science Xuxian Jiang. “Based on our evaluation results, we feel this service is still nascent and there exists room for improvement.”

Google has taken numerous approaches to keeping malware out of its Play Store, but the number of Android infections continues to grow from one year to another – mostly because users can download apps from third-party sources. The use of a dedicated mobile security solution is still recommended, especially for users who are installing apps from non-official repositories.