Feeds

back to article Google kills fake anti-virus app that hit No. 1 on Play charts

"Virus Shield", an app that briefly shot to the top of the charts on Google Play, has turned out to be a complete fake and has therefore been pulled by Google. The scam, turned up by Android Police, is as simple as a con-man could wish for: the app includes almost no functionality whatever, yet it was briefly a chart-topper on …

COMMENTS

This topic is closed for new posts.

Page:

Silver badge

Pretty easy

to make money. At least it wasn't "malicious" just non functional.

I'd add that there are other pieces of software that are close to this in functionality. Left as an exercise for the reader to determine which ones are.

Where is the <insert platform here> police!

9
0
Bronze badge
Thumb Down

Re: Pretty easy

I don't see much distinction between an overtly malicious app and deliberately selling the user a false sense of security. They are knowingly putting their customer in harms way.

Plus, considering Aslan's comment below, "Google Play only runs an automated check to see if an App is malicious", it is quite possible that it was a wannabe malicious app developer who found the auto-checks too difficult to get past, and took an easy route to the money. All the same intent is there.

3
9
Trollface

Re: Pretty easy

Hah. Anyone else remember the days from the Windows 95-98 era when applications costing upwards of 20 bucks would claim to "INCREASE YOUR COMPUTERS MEMORY!!!11!1!" (read: increase the size of the Windows page file which anyone could do from "Control Panel" -> "System".)

11
0
Anonymous Coward

Re: Pretty easy

Unlike some expensive anti virus apps that eat battery and cpu time yet stop nothing malicious

i'd NO ReTON to My CAFFE for mentioning 2

16
0
Silver badge

Re: Pretty easy

So, homeopathy for your Android phone then.

17
0

Re: Pretty easy

I did a quick CTRL-F before posting to see if anyone made a homeopathy reference. Damn you.

2
0
Silver badge
Pint

Re: Pretty easy

That's okay, I did it after posting. Got lucky!

0
0
Bronze badge

There are a number of issues here - each of which are quite worrying.

First - the app required no permissions, but as it was called an anti virus app, you can be pretty sure that anyone who installed it - would be quite happy to accept whatever permissions came along in any subsequent update - because - it's an anti virus app - so surely it wouldn't be doing anything wrong. Luckily it was taken down before we reached that situation.

Secondly - almost all the reviews were posted from new accounts that had not reviewed any other app... so huge numbers of newly created accounts were able to both purchase and then review the app. There must be a service somewhere that developers can pay money to - but how this service was able to mass generate Google accounts with valid payment data - is a rather concerning question. We are pretty sure these accounts were not manually created - there were too many, many of them not even posting a review - just rating the app 5 stars.

20
0

Someone with more spare time than me should do a statistical analysis of voting practices in Google Play to identify vote rigging. It's painfully obvious when it happens, and it seems to happen a lot.

With all their experience of battling spam, I don't see why Google seem to be turning a blind eye to this problem.

12
1
Bronze badge

I might venture a guess. Having lots of 5-star apps, makes their store seem full of high quality goods.

4
3
Silver badge

"With all their experience of battling spam, I don't see why Google seem to be turning a blind eye to this problem."

Because there is no "they" at Google to turn a blind eye or not. Having built systems and platforms as automated as they have, there is no human arbiter or route of appeal, no human managed customer services, no editorial discretion. They'll only get round to this if it (a) starts to impact revenues, (b) then some strategic planner at Mountain View spots the problem, and (c) there's a way of doing it by machine.

As with Google Maps, the whole Android system is built around a hugely networked future where machines can do the job properly and network coverage universal, and information flows perfect. Unfortunately we're a long way off that, and the Google Play store needs a competent, properly resourced curating team. Despite that being a mere $2m a year expense in a $50bn a year corporation, Google are totally averse to meatsacks other than as a resource to be farmed and so I don't have high hopes for it being fixed soon. My money is on the problem recurring and being swept under the carpet, until one day it becomes a huge, huge, business model destroying disaster, for example a wildly popular free download that then turns out to have harvested the credit card details of half a billion users, after the event.

A complete failure of that magnitude would destroy Google overnight. Nobody would want Android phones, they'd use alternative search engines, cookie and ad-blockers would become commonplace fro non-expert users, and Google find they don't have any income streams any more.

15
3

sounds good, lets do that!

6
0

The fact it required no permissions should have been enough to alert a potential buyer it was a scam. Also doesn't the play store give you 15 minutes to use the app and cancel it if you don't want it after that time?

1
0
Silver badge

"The fact it required no permissions should have been enough to alert a potential buyer it was a scam."

No permissions or excessive permissions, either way it would only alert the tech savvy. Most users simply click on "Yes", "Yes", "Yes" because they don't understand the question or the consequences, but they do understand the short term consequences of clicking on "No, I do not accept the terms and conditions".

As Microsoft found with UAC, dialogue boxes are only useful if they offer the right range of choices at the right time to suitably informed users; In most cases they are worse then useless.

5
1

"The fact it required no permissions should have been enough to alert a potential buyer it was a scam."

Many potential buyers have no clue about permissions. This (for example) would not have alerted my mum!

"Also doesn't the play store give you 15 minutes to use the app and cancel it if you don't want it after that time?"

Yes, but again, how would you know - in 15 minutes - that it was a fake app? If you've bought the app in the first place, why would you get a refund if it does (or looks like it's doing) the exact thing you purchased it for?

Relying on end users to be vigilant/knowledgable is not *the* answer (though sure it would help).

5
0
Anonymous Coward

"the Google Play store needs a competent, properly resourced curating team"

I don't want a curating team blocking apps and using spurious reasons why your app can't be put on the Play store.

Just scan for malicious apps and take down any that are fraudulent but I don't want censorship - if I did I could use an iPhone.

If you really want a system like that then run a "verified by Google" program where devs can pay a bit more and send in their source code to get a verified tag in the Play store with a rapid turnaround.

5
4

Refunds can be obtained outside 15 minute window

In many cases (and certainly in this one) it is possible to obtain a refund for an app from Google Play outside the 15 minute window:

http://www.androidcentral.com/how-get-refund-app-google-play-beyond-15-minute-time-window

4
1
Anonymous Coward

> almost all the reviews were posted from new accounts that had not reviewed any other app

...

> there were too many, many of them not even posting a review - just rating the app 5 stars.

Well, maybe this product was so good it got people signing up with the Google store just to buy it and leave a sterling review.

Or maybe not. :-/

0
0
Anonymous Coward

> With all their experience of battling spam, I don't see why Google seem to be turning a blind eye to this problem.

You don't? ;)

0
2

A non technical person probably wouldn't know about which permissions an antivirus would use, assuming they knew about permissions at all.

Similarly, a non technical person would probably have no way of ascertaining that a virus scanner is doing nothing other than display some pretty graphics on it's UI..

1
0

Re: Because there is no "they" at Google to turn a blind eye or not. Having built systems and platforms as automated as they have, there is no human arbiter or route of appeal, no human managed customer services, no editorial discretion.

This is true. Where I work, we use gmail for certain users email. AFAIK, we have the relevant SLAs in place and this is under a business contract. As such, you'd expect that we'd have little trouble getting hold of actual people to solve a problem. Not so, according to the guys that deal with them. In fact, quite the opposite.

3
0

Average buyer?

Please,,, average buyer? You do realise the average IQ is 100... you do realise that a person of 100 IQ will most likley try and lick a window to drink water.......

All these permissions are for is to take blame away from the company (i.e Google) to the customer to say,, you clicked accept,, deal with it

2
3
Silver badge

>>"I don't want a curating team blocking apps and using spurious reasons why your app can't be put on the Play store."

I agree. But Microsoft spent over a decade offering an OS with no curation whatsoever and the expectation that users knew what they were doing. MS grew up in an era where computer users were technical people and they kept assuming that. And then Apple came along and beat them up with iPhones and iPads. Now MS think that's what people want and are pushing their own store.

You can have educated users or you can have passively looked after users. The two are always in conflict.

4
1
Bronze badge

There was an Android app for managing battery life or something that had gotten a great review here in the Reg not that long ago. I and a number of other users tried it out and found it was basically ransomware. They had 500 fake 5 star reviews on the app store. So yes, there is definitely a service you can sign up for fake reviews. I would assume that exists for everything on the internet.

/the owner of that app had even trolled and harassed people in the comments on the Reg

3
0
Bronze badge

"Relying on end users to be vigilant/knowledgable is not *the* answer "

Eh. Why not? That is how it works in the rest of the world. If I go to the doctor and they sell me some pills to fix me up and they don't work, I don't get my money back. No consequences come of the doctor.

If Google really wants to fix this, have a holding system for money from new apps. If you've never made an app before you have to wait 30, 60 days or whatever to get paid. An app like this is always going to get caught within that timeframe. Then Google can issue refunds.

2
0
Bronze badge

"If you really want a system like that then run a "verified by Google" program where devs can pay a bit more and send in their source code to get a verified tag in the Play store with a rapid turnaround."

Don't they already do that? There is some kind of "top developer" tag already.

1
0
Bronze badge

"Similarly, a non technical person would probably have no way of ascertaining that a virus scanner is doing nothing other than display some pretty graphics on it's UI.."

This average non technical person probably doesn't even need a virus scanner. They've only been scared into it by the media.

Not to mention, in the USA every carrier adds a virus scanner app anyway. And most phone makers do too. (Knox for Samsung).

0
1
Bronze badge

"MS grew up in an era where computer users were technical people and they kept assuming that. And then Apple came along and beat them up with iPhones and iPads."

Those aren't even competing market segments...

1
1
Silver badge

>>"Those aren't even competing market segments..."

Of course they are - there are a lot of people who used to have a PC purely for a bit of email and web-browsing. The iPad (and now other devices) have significantly eaten into that. Similarly the iPhone killed off any possible future for Windows Mobile by showing just how antiquated it was, and forced MS to reinvent things from the ground up with Windows Phone. Tablet and laptop sales have directly impacted desktop PCs, rising as the latter falls. And a significant part of "tablet and laptop", is tablet.

The Windows Store is a direct response to the stores on Android and iOS devices.

1
0
Silver badge

>>"This average non technical person probably doesn't even need a virus scanner. They've only been scared into it by the media."

Well the media and a decade of Windows XP. I imagine it's quite heartening to some after MS make all that money off Android, to see Android make a little off Windows. ;)

1
0
Silver badge

5 star review

I've seen some free to play / pay to win games that offer a bribe to install and review another program.

People might install the program, give it 5 starts, get "free golden road apples" for the game they are playing, then request a refund.

0
0

mturk maybe?

or a similar infinite-number-of-monkeys "service"?

0
0

You need to understand,

You need to understand that Google Play only runs an automated check to see if an App is malicious. If the automated scan determines it's not it's posted with no human interaction. Responsibility for the apps is on the developer and the user who downloads/buys the app. A human only ever looks at things if there's a certain level of complaints. The Google play store has very few restrictions on Apps compared to other app store and this allows users more choices and interesting apps. This is generally good. To really get what you need to have a bit of intelligence, and be willing to learn a bit about your phone. If you need safety in general, and don't care to learn about your phone you'd be much better off with an iPhone.

Lookout Mobile Security is my favorite Android AV. It even got my phone back once after it was stolen.

15
1
Bronze badge
Boffin

Re: You need to understand,

The Google play store has very few restrictions (...). This is generally good. To really get what you need [you must] have a bit of intelligence, and be willing to learn a bit about your phone. If you need safety in general, and don't care to learn about your phone you'd be much better off with an iPhone.

Agreed. Unfortunately Apple has positioned their products towards wankers premium consumers, unwittingly nudging those that prioritize value for money (but aren't necessarily tech literate) in the direction of the Android platform.

These days there is a lot of talk about anti-NSA "locked down" smart mobes, but maybe the more promising business case lies in an Android handset line tied to a carefully curated app store, a bit like what Apple does perhaps, only with explicit guidelines rather than a dozen jerks playing heads-or-tails?

5
10
Bronze badge

Re: You need to understand,

A verified subset of the play store (as suggested above somewhere) would be a very good thing. Android could easily have a setting to allow non-verified apps from the Play store (the same as installing non-play store apps).

That said, if you want a cheap, largely locked down, non-apple smart phone, then I would suggest a look at a WP Nokia. It'll do maps, email, facebook, most of what people want, but won't let you download dodgy apps from anywhere you like.

1
1

Re: You need to understand,

Isn't that the point of the Samsung Knox store?

They carefully check that nothing dangerous/useful can be added to your phone, even by the App store, & so the idea of a protected area becomes useless when you literally cannot even make a text file note of a password.

1
1
Facepalm

Re: You need to understand, trollers…

"…unwittingly nudging those that prioritize value for money (but aren't necessarily tech literate) in the direction of the Android platform."

No. The exact opposite. What a disappointing troll post.

Android gear: Cheap devices. Cheap (free) ripoff OS. The biggest malware magnet since Windows, with the number of malware rising exponentially. Your costs don't end after you've paid for the device.

Apple gear: Consistently the best ROI (return on investment) and lowest TCO (total cost of ownership) compared to comparable gear from competitors and/or plagiarists. That's factual, therefore useful information.

I'll take Apple's well (but not perfectly) vetted 'walled garden' any day. I like getting work done, not fighting with the OS or malware. Why that's difficult for certain people to understand is beyond my imagination.

1
3
Silver badge

AV for Android

Only the gullible think they need this, so it is the perfect app. Prove that it ever once let a virus get through :-)

12
3
Silver badge
FAIL

Re: AV for Android

And only the REALLY gullible think there are is no Android malware.

7
13
Bronze badge

Re: AV for Android

"And only the REALLY gullible think there are is no Android malware."

Surely this app itself was a form of malware (luckily in this case only taking money under false pretences)? The fact it got to be a best seller doesn't say anything good about the vetting of the apps there, or the gullibility of many app buyers!

2
3
Law

Re: AV for Android

"And only the REALLY gullible think there are is no Android malware."

I know there is some android malware, but I also know I'm not stupid enough to install it, or think one of the "authentic" virus scanners is going to do anything more than giving me a false sense of security (which is what this is doing anyway).

The fact these people bought into a virus scanner that has bugger all access to anything important on your phone means they are the type of people who would install a virus willingly then blame the platform for the security "flaw". You're only as protected as the weakest point of entry... sadly for a lot mobile users (and PC) the user is the weakest point. That's true of any platform, not just android.

3
0
Bronze badge
Holmes

Obvious solution: Funding Model Tab

If the google wasn't so EVIL these days, they would solve some of these problems. Broken funding models have a rather simple and obvious approach. Just disclose some additional information that would help us in "following the money" to assess whether or not an app is legit. This is not the only way it could be done, but just one form to make the suggestion more concrete.

There could be a "Funding" tab that would describe the funding model used by the developer of the app. Most of the common options would be boilerplates that a developer could select. The most obvious options (for free apps) would probably be "Ad supported" and "Limited-function version to promote paid version". That part would be under each developer's control, and should even include free text options if the developer wants to say more.

At the bottom of the Funding tab would be Google's part, which would not be accessible to the developer. Maybe the google can't say anything, in which case it would say "We have no evidence to support the claims made in the developer's financial model above." It might say "This developer is earning advertising revenue in the top quartile of app developers" or "This developer also produces <full product name>, so please see that page to learn more about the funding."

Having offered that suggestion, I have to admit that it may not have done much good in this specific case because the financial model was pretty clear, and it was just the big lie. However, I think the reality was that the other anti-virus companies should have shot this one down quite quickly. Obviously, they should have downloaded the new competitor, and as soon as they tested it, they would have discovered it did nothing. Hmm... Now that I think about it, that's probably how this scam collapsed.

Another way it might have collapsed is if the google is checking for sock puppets, as suggested by another commenter (who I can't see now). Again, obvious, but I think the google is too EVIL to be bothered.

2
13
Bronze badge
Paris Hilton

BWAH-HAHAHAH!

Sorry. No, this isn't funny at all. Don't know what gotten into me.

Please go on.

1
4
Bronze badge

It's funny that it didn't require any permissions. Given what it was supposed to do, that should have been a dead giveaway that it was fake. But I guess that just shows most people pay no attention to app permissions (which we already knew).

6
1
Anonymous Coward

More likely that the average man on the clapham omnibus has no idea how software works - let alone AV software.

8
0

App name is choice

App package name: com.deviant.security.shield

Swindlers with a sense of humour at least...

2
0
Silver badge

Top?

"No. 1 on Play charts" suggests it had more downloads than Facebook or more revenue than Candy Crush. The best position I saw for this app was a screenshot of it in third place in the "New Paid Apps" list. "No. 1 Android App Is Fraud" gets more clicks I suppose.

5
0
Silver badge

Is this the same Android AV scanner...

That I've been getting adverts for on my phone. I avoided clicking on it because.

1) I have lookout installed.

2) The icon looked like lookout's icon.

3) I assume every advert that appears on my phone that doesn't name the company to be fraudulent.

4
0
Trollface

Re: Is this the same Android AV scanner...

Are you telling us you didn't root your phone and installed AdAway? Please return your silver badge, you don't deserve it...

1
4
Anonymous Coward

Re: Is this the same Android AV scanner...

I have a few apps,like Sky GO that won't work if rooted so my nexus 7 is still locked despite being incredibly easy to root.

My old San Francisco however, was rooted the day I bought it but I never click ads displayed on my tablet and just ignore them.

In Android Firefox I use the Adblock extension anyway

2
0

Page:

This topic is closed for new posts.