• ARTICLES
SEARCH

How-To Geek

HTG Explains: Does Your Android Phone Need an Antivirus?

avast-for-android

The media is full of reports saying Android malware is exploding and that Android users are at risk. Does this mean you should install an antivirus app on your Android phone or tablet?

While there may be a lot of Android malware in the wild, a look at Android’s protections and studies from antivirus companies reveals that you’re probably safe if you follow some basic precautions.

Android Already Checks For Malware

Android itself has some built-in antivirus features. Before considering whether an antivirus app is useful, it’s important to examine the features Android already has:

  • Google Play apps are scanned for malware: Google uses a service named Bouncer to automatically scan apps on the Google Play Store for malware. As soon as an app is uploaded, Bouncer checks it and compares it to other known malware, Trojans, and spyware. Every application is run in a simulated environment to see if it will behave maliciously on an actual device. The app’s behavior is compared to the behavior of previous malicious apps to look for red flags. New developer accounts are particularly scrutinized – this is to prevent repeat offenders from creating new accounts.
  • Google Play can remotely uninstall apps: If you’ve installed an app that is later found to be malicious, Google has the ability to remotely uninstall this app from your phone when it’s pulled from Google Play
  • Android 4.2 scans sideloaded apps: While apps on Google Play are checked for malware, apps that are sideloaded (installed from elsewhere) were not checked for malware. On Android 4.2, when you first try to sideload an app, you’ll be asked whether you want to verify sideloaded apps are safe. This ensures that all apps on your device are checked for malware.

android-verify-apps

  • Android 4.2 blocks premium rate SMS messages: Android 4.2 prevents apps from sending premium-rate SMS messages in the background and alerts you when an app tries to do this. Malware creators use this technique to rack up charges on your cell phone bill and make money for themselves.
  • Android restricts apps: Android’s permission and sandboxing systems helps limit the scope of any malware. Apps can’t sit in the background and watch every keystroke or access protected data, such as your online banking credentials from your bank’s app. Apps must also declare the permissions they require at installation.

android-airdroid-permissions

Where Does Malware Come From?

Prior to Android 4.2, the majority of Android’s anti-malware features weren’t actually found on Android devices themselves – the protection was found in Google Play. This means that users who download apps from outside the Google Play store and sideload them are more at risk.

A recent study by McAfee found that over 60% of Android malware samples they received were from a single family of malware, known as “FakeInstaller.” FakeInstallers disguise themselves as legitimate apps. They may be available on a web page that pretends to be an official website or on an unofficial, fake Android Market with no protection against malware. Once installed, they send premium-rate SMS text messages in the background, costing you money.

On Android 4.2, the built-in malware protection would hopefully catch a FakeInstaller as soon as it’s sideloaded. Even if it didn’t, Android would alert the user when the app tried to send SMS messages in the background.

On previous versions of Android, you can protect yourself by installing apps from legitimate sources, such as Google Play. A pirated version of a paid app offered on a suspicious website may be stuffed with malware – just like on Windows.

Another recent study by F-Secure, which found that Android malware was exploding, found a scary-sounding 28,398 samples of Android malware in Q3 2012. However, only 146 of these samples came from Google Play – in other words, only 0.5% of malware found was from Google Play. 99.5% came from outside Google Play, particularly on unofficial app stores in other countries where no checking or policing for malware is done.

image

Do You Need an Antivirus?

These studies indicate the majority of malware comes from outside the Google Play store. If you only install apps from Google Play, you should be fairly safe – especially if you check the permissions an app requires before you install it. For example, don’t install games that require permissions to send SMS messages. Very few apps (only apps that interact with SMS messages) need this permissions to function.

If you only install apps from Google Play, you shouldn’t need an antivirus. However, if you regularly sideload apps from outside Google Play, you should probably install an antivirus app just to be safe. Of course, it’s generally best not to sideload suspicious apps in the first place. There are exceptions, such as installing apps from the Amazon Appstore, downloading games you’ve purchased from the Humble Indie Bundle, or installing the Swype keyboard from Swype’s website, but you probably shouldn’t downloaded pirated games from suspicious websites – of course, that’s just common sense.

android-apps-from-unknown-sources

If you do want an antivirus, there are some good free options. avast! Mobile Security for Android is particularly well-reviewed and is completely free.

Antivirus Apps Have Other Features

However, this isn’t the end of the story. Android antivirus apps are often full-featured security suites. They often include other useful features, such as a “find my Android” feature you can use to remotely find your Android phone if you lose it or if it’s stolen. This is particularly useful, as it’s not built into Android.

Apps may also offer other useful features. For example, avast! offers a “Privacy Report” feature that sorts your installed apps by permission so you can see if you have any apps that require too many permissions. avast! also offers a firewall that allows rooted users to block certain apps from accessing the Internet.

If you want any of these features – particularly the “find my Android” anti-theft feature – an Android security app can still be useful.


As long as you stick to apps from Google Play, you probably don’t need an antivirus – especially if you’re using Android 4.2 or later. The majority of Android malware comes from third-party app stores and apps downloaded from suspicious websites. To be extra safe, check the permissions of apps you install.

Chris Hoffman is a technology writer and all-around computer geek. He's as at home using the Linux terminal as he is digging into the Windows registry. Connect with him on Google+.

  • Published 11/27/12

Comments (23)

  1. LukeSBE

    The first app I installed on my SIII was ‘Prey’
    Same goes for my son’s laptop, and my wife’s new phone.

  2. Angelia

    Lookout is great as it locates missing phones and backs up your contacts for you

  3. Zach Morgan

    Btw, with Avast if you want only the anti theft feature you can uninstall the anti virus once you have the anti theft set up. At least I know you can with the root anti theft set up.

  4. Namanya. R.

    I use Netqin, it has an anti-thefty, Power booster, data bar, backup, Privacy Advisor, System Performance, Internet Protection, Network Manager, Billing Cycle, Excessive Data Alert …

  5. haahaaah

    android does not need antivirus or antimalware, because android just like any other os using linux kernel. android is safe and protected from viruses or malware.

  6. oppps

    Just because the linux kernel is used doesn’t mean it is safe. Rootkits for one can be used.

  7. Samoth

    I stick to Symantec’s Norton. It’s on all our PC’s tablets and phones. Can be managed from within one account and is a very complete suite.

  8. Areeb

    IMO the best way to verify sideloaded apps would be to install BlueStacks and test it on PC.

  9. RA

    avast works great for me on ICS, which doesn’t have some of the security features.
    @Areeb VirusTotal is another good way to scan sideloads.

  10. Willow

    I’ve only got 2.2. on my HTC Legend and I have picked up malware. I’ve no idea how as I only use the Play store. Even with “Lookout” running regular scans, it doesn’t get rid of little “stars” and “plus” signs at the top of the screen from xapush which then installs it’s own apps.
    Any idea how to get rid of this?

  11. Stephanie

    I guess the thing that I don’t get (and I’m not a computer person AT ALL) is that if you’re using your tablet for things like email or facebook, then isn’t the likelihood of downloading a virus so much higher? I have a Kindle Fire HD which I plan to use mostly to read, but so far I have have FB on there as well.
    I’m using the Amazon App store.

    Please advise. Thanks.

  12. Dantv

    Ok but what do we do about Google teaching and spying on Android users???

  13. miky computers

    Thanks for the well written article!
    Very interesting information. As the growth use of Android, people should know that. Thanks,

  14. Surendra Salgaonkar

    grate! But it is primary stage in india.

  15. Sam

    Helpful and informative post. The 1st app installed on my s3 was Lookout security and recommend to all. They scan every app before it gets installed. When my battery gets to 5% they send an email with the phones location..

  16. tony

    @Sam,

    How useful is that email. I mean, is it detailed enough to tell you that your phone is either at home or at work, etc. If this email ever comes in handy, wouldn’t it be because your phone is lost, not because your battery is low?

  17. ben dover

    The idea of android being at high risk for malware came from anti-virus companies in the first place as a tactic to get you to use their apps on your android device. They say there are apps which can root your device, which is true (it’s possible to root your device by installing an app and pressing a button. This works on many devices.), but to take advantage of root access they must be given root access by you through an app called superuser, which allows you to allow or revoke root access to any app at any time. @Tony: I think it’s implied that Sam wouldn’t let his battery get down to 5% unless he lost it for an extended period of time and wasn’t able to charge it. In others words if the battery is that low Lookout assumes the phone is lost or stolen and automatically locates the phone. That’s seems like a good feature to me.

  18. anonymouse

    this article and all the comments are forgetting internet access.

    http://www.nbcnews.com/technology/technolog/samsung-phones-vulnerable-factory-reset-hack-1B6099618

  19. anonymouse

    the link in my post above and the link below in this post show malware can affect smartphones. whether the current antiviruses available for smartphones are capable of countering these, I can’t say and I’m not willing to test. but be aware, it is possible and will become a greater threat.

    http://www.nbcnews.com/technology/technolog/european-bank-malware-steals-47-million-1C7480674

    P.S., for those not willing to read the entire article, look for the ZITM part. that’s the malware that’s installed on your phone ;)

  20. sohail rana

    kindly send me antivirus software

  21. Obliviouspeople

    To those who think that androids are immune to viruses are delusional, in fact this article is full of false information considering that quite a few times i have downloaded apps from google play store and only used google play store and not only have they had malware that can read your contacts information and send that on but can hijack your phone. So if you want to be oblivious and be like the people that say Macs dont get viruses either, wake up do some google and find out more before putting your guard down.

  22. Don

    Great article, thank you.

    I did want the locate my android feature, and found “Where’s My Droid?” on Google Play. It’s impressive. In addition to locating your phone (within 3 meters) you can remotely make it ring, take a photo (front or back camera) and view it online, lock it, delete contents from the phone, etc. No anti-virus — it’s just for locating your phone if it’s lost or stolen.

  23. amit

    You forget to mention that many antivirus solutions on android have call block and SMS block feature. To me this is the most useful of all since I get harassed badly by collection agencies due to poor economy. Avast call and SMS block feature doesn’t work on LG phones. Free antivirus like comodo is more than enough. I have Kaspersky and I think I was stupid to have paid for it

Enter Your Email Here to Get Access for Free:

Go check your email!