Want CNET to notify you of price drops and the latest stories?

Top-five paid app on Google Play was an antivirus scam

Before it was flagged and removed, one of the most successful apps on Google Play for over a week was an "antivirus" app that did nothing other than change an image.

Michelle Starr Science editor
Michelle Starr is CNET's science editor, and she hopes to get you as enthralled with the wonders of the universe as she is. When she's not daydreaming about flying through space, she's daydreaming about bats.
Michelle Starr
2 min read

Screenshot: Michelle Starr/CNET Australia

There's something that Android users have to worry about a little more than iOS users: malware. A quick search on both app stores reveals a noticeable imbalance in the number of antivirus apps on Google Play -- and a good antivirus app can do very well on the Android marketplace.

So too can a bad antivirus app. An app called Virus Shield launched on 28 March at a price of AU$3.99 ($3.99 in the US), and proved so popular that it rocketed to the top of the "new paid Android app" chart and stayed in the top five of all paid apps, behind only Minecraft and SwiftKey.

Virus Shield collected over 10,000 installs, and positive four- and five-star reviews from 1,270 users. Its selling points were its clean interface and simplicity: all a user had to do was tap the screen to activate antivirus protection, and that was it.

Screenshot: Michelle Starr/CNET Australia

According to an in-depth teardown by Android Police, however, it didn't actually work as advertised. In fact, it didn't work at all. After examining the app's Java code (which the website mirrored on Github), the app only does one thing.

The image changes when you tap the screen, turning the X into a tick. That's it.

After Android Police posted its discovery, Google removed both app and seller from the app store, but it does highlight a couple of flaws in the marketplace. Google does have a malware-scanning service, but this app contained absolutely no malware -- it was harmless, except for the fact that it was scamming users out of the price of admission.

The other is the Google Play refund policy. To get an automatic refund on an app, you need to apply within 15 minutes of installing it. Otherwise, you have to contact the developer directly -- and, given that he was scamming people, we don't think there's going to be much joy for users there.

Fake apps surface on Google Play fairly frequently, which is unfortunately the nature of an open platform. Previously, user reviews would help other users determine whether an app was worth their money, but as Virus Shield demonstrates, that's not always reliable. Antivirus apps are particularly easy to fake, too -- many users just assume the app knows what it's doing.

At this point, we can only recommend you do your research away from the Google Play marketplace. Find out if the developer has a website or blog, or only download antivirus apps from trusted providers such as AVG, Avira, Avast, Malwarebytes, Doctor Web, McAfee, Norton, Trend Micro and Bitdefender.

This story was originally published on CNET Australia.