It’s already been a rough month for Android users. Last week, smartphone and tablet owners were warned about dozens of apps that were capable of generating money for criminals behind-the-scenes using adware, while another was unearthed that could reinstall itself whenever users tried to delete the harmful app from their handset.
And now there’s more. Worse still, this latest strain plays upon Android users fears about infection, adware, and spyware to infiltrate your device.
Privacy and security research firm VPNpro has discovered 10 anti-virus solutions available in the Google Play Store that are riddled with dangerous access permissions, malware and spyware to quietly keep track on what you’re doing on your smartphone on tablet behind your back.
Worryingly, these harmful anti-virus apps are hugely popular, racking-up a total of 1.9 billion downloads worldwide.
According to VPNpro, the anti-virus solutions use the permissions granted during set-up to collect and sell personal data or spread malware. Some of these apps will even demand payment before you’re able to delete the nefarious software from your device – so you’ll be paying twice, first with your private information, and second with your credit card.
An additional five apps, originally included in the VPNpro research and discovered to have the same issues, have recently been removed from the Play Store. The downloads for these apps totalled more than 500 million, the security firm has confirmed.
When a person installs one of these free anti-virus solutions, they unwittingly grant access for the developer to use a number of key aspects of their smartphone’s technology.
These ‘dangerous access permissions’ range from secretly recording audio, to making phone calls, and recording location data. In total, VPNpro discovered eleven types of dangerous permission – with one app ‘Security Master’ having a ludicrous total of ten dangerous permissions to draw data from your device.
It’s believed the majority of these permissions are used to harvest and sell user data. The most profitable is location data, which was requested by 6 out of the 10 antivirus apps.
Mobile apps can send user location data every 2 seconds, and in some cases, more than 14,000 times per day to various companies. Paris-based data broker Teemo offers $ 4 per thousand users per month. If only 1% of Security Master’s 500 million users were active, it would earn $ 20,000 every month.
Here is the full list of the 15 free anti-virus apps unearthed by VPNpro with dangerous permission
• Security Master – Antivirus, VPN, AppLock, Booster | 500 million installs
• Virus Cleaner, Antivirus, Cleaner (MAX Security) | 50 million installs
• Antivirus Free 2019 – Scan & Remove Virus, Cleaner | 10 million installs
• 360 Security – Free Antivirus, Booster, Cleaner | 100 million installs
• Virus Cleaner 2019 – Antivirus, Cleaner & Booster | 50 million installs
• Super Phone Cleaner: Virus Cleaner, Phone Cleaner | 50 million installs
• 360 Security Lite – Booster, Cleaner, AppLock | 50 million installs
• Super Cleaner – Antivirus, Booster, Phone Cleaner | 100 million installs
• Clean Master – Antivirus, Applock & Cleaner | 1 billion installs
• Super Security – Antivirus, Booster & AppLock | 10 million installs
• Antivirus Free – Virus Cleaner | 50 million installs
• Antivirus Free 2019 – Virus Cleaner | 1 million installs
• Antivirus Android | 1 million installs
• Antivirus & Virus Cleaner | 10 million installs
• Antivirus Mobile – Cleaner, Phone Virus Scanner
It’s also worth noting that six of these apps are based in China, where the strict data protection laws found in the USA and especially in the European Union are nowhere to be found. In fact, they’re notoriously lax and government intervention into these kind of tech companies is commonplace.
Jan Youngren from VPNpro said, “These antivirus apps are requesting a large amount of dangerous permissions which is very suspicious – there is simply no legitimate reason for them to do so. Consumers must understand what these permissions actually do and exercise a lot of caution in granting them.
“In general, when selecting an antivirus app for your phone, consider these questions first; do I really need an antivirus app? For the most part, the answer is no. Is this app from a reputable developer? If it isn’t, you might want to choose a well-known brand. Does this app really need these dangerous permissions?
“For the most part, by denying certain permissions, the entire app may not work. At that point, consider a different antivirus app.”