Top paid app on Google Play antivirus scam

The top paid app on Google Play for over a week was an "antivirus" app that did absolutely nothing other than change an image.

Before it was flagged and removed, the top paid app on Google Play for over a week was an advertised antivirus app that did absolutely nothing other than change an image.

(Screenshot by Michelle Starr/CNET Australia)

There's something that Android users have to worry about a little more than iOS users and that's malware. A quick search on both marketplaces will reveal a noticeable imbalance in the number of apps available that provide antivirus services — and a good antivirus app can do very well on the Android marketplace.

So too can a bad antivirus app. An app called Virus Shield launched on 28 March at a price point of AU$3.99, and proved so popular that it rocketed to the top of the paid app charts and stayed there. It collected over 10,000 installs, and positive four- and five-star reviews from 1270 users. Its selling points were its clean interface and simplicity: all a user had to do was tap the screen to activate antivirus protection, and that was it.

(Screenshot by Michelle Starr/CNET Australia)

However, according to an in-depth teardown by Android Police, it didn't actually work as advertised. In fact, it didn't work at all. After examining the app's java code (which the website mirrored on Github), the app only does one thing.

The image changes when you tap the screen, turning the X into a tick. That's it.

After Android Police posted its discovery, Google removed both app and seller from the app store, but it does highlight a few serious flaws in the marketplace. Google does have a malware scanning service, but this app contained absolutely no malware — it was harmless, except for the fact that it was scamming users out of the price of admission.

The other is the Google Play refund policy. To get an automatic refund on an app, you need to apply within 15 minutes of installing it. Otherwise, you have to contact the developer directly — and, given that he was scamming people, we don't think there's going to be much joy for users there.

Fake apps surface on Google Play fairly frequently, which is unfortunately the nature of an open platform. Previously, user reviews would help other users determine whether an app was worth their money, but as Virus Shield demonstrates, that's not always reliable. Antivirus apps are particularly easy to fake, too — many users just assume that the app knows what it's doing.

At this point, we can only recommend you do your research away from the Google Play marketplace. Find out if the developer has a website or blog, or only download antivirus apps from trusted providers such as AVG, Avira, Avast, Malwarebytes, Doctor Web, McAfee, Norton, Trend Micro and Bitdefender.

Featured Video