Dud Android app fools thousands

News by Steve Gold

Chart-topping paid-for Android security app does absolutely nothing

The efficacy of Google's much-vaunted security vetting process for Android apps has been called into question after it emerged that a security application- Virus Shield - was removed from the Play store on Sunday, with more than 10,000 users having downloaded the software.

According to Android Police, the £2.40 app - which was rising high in the Android pay-for software charts earlier this month - did little more than `screenprint' an image on to the display of the smartphone or tablet concerned.

The newswire says that the software is actually a fake security app. Instead of scanning apps, settings, files, and on-device media - as the Google Play description suggests - the shield icon merely changes from an `x' image to a check mark after a single tap of the screen.

Programmer Zhuowei Zhang is quoted as saying that he decompiled the Java code within the app and - after mirroring the code itself – he realised that app was little more than a simple program call that displays a picture.

The support email for the app reportedly goes to a Live.com `free' – and relatively anonymous - email address.

The Appbrain ratings site says that Virus Shield was the number one paid app during the first week of the month. Other charts show the app in the number three paid app position.

In his analysis, Zhang says that he has decompiled the app and mirrored the Java code on the GitHub site.

"We've confirmed that this app is totally and completely devoid of any security benefit, but you don't have to take our word for it - several Google+ users have helped us to confirm its bogus nature," he says.

Commenting on the emerging saga - which Google has refused comment on, pending a full investigation - Rob Bamforth, a principal analyst with Quocirca, said that the Virus Shield incident raises several issues with the Android app ecosphere.

"Having said that, an app store provider has a tough job on its hands. With Android, you either take a tough line with your app store, or you welcome people with open arms. In either case, there are pluses and minuses," he said.

With the Google Play app store, he explained, it is clear that developers are not policed out of the store - due to the open nature of the Android operating system.

"As this situation shows - and has also been the case with the Apple app store - you are going to get the occasional piece of rubbish, but my main question is how the developers managed to get Virus Shield into the app charts. There may be parallels here with the fake reviews you see on hotel comparison sites - with people posting fake reviews in order to raise the profile of the app in question," he said.

Bamforth went on to say that the reason why Virus Shield was able to get into the paid-for app charts might have been due to the automated processes that many analysis systems use. This, he noted, means that the potential for this type of situation to take place could be a lot more widespread than many people realise.

Dan Drummond, a technical consultant with Manchester-based app specialist Apadmi told SCMagazineUK.com that, as the old adage goes: `if it looks too good to be true, it probably is.'

“It's worth noting, however, that due to the fast pace of technology, many things which a few years ago would have seemed too good to be true are now tools that people use every day," he said.

"User reviews are the main source of information that a user has to protect them from this sort of scam, but unfortunately fake user reviews can make an app look useful, when in actual fact it isn't," he added.

"Google and Apple both work actively to uncover, prevent and remove fake user reviews and accounts but consumers should try looking for reviews from other sources, such as Android Police, other blogs, news sources and magazines when looking for independent, trustworthy information on apps," he said.

Drummond went on to say that, thankfully in this case, the app caused no harm.

"Many malicious apps are prevented from getting onto the Play store and the Apple app store thanks to the efforts of Google and Apple in detecting malware on submission," he noted, adding that, having said this, consumers still need to be wary when installing new apps - and should always check that the permissions that apps request are consistent with the task that they claim to perform.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews