Android 4.2 malware scanner detected only 15% of malicious code in test

Android has always been criticized by many for its tendency to attract more malware than other OS, mainly thanks to the ability to sideload unsigned apps and to the fact that Google allows any app to be published to their app store (and of course due to the fact that Android powers a huge majority of smartphones). With Android 4.2, Google decided to do something about it and added a malware scanner for apps manually installed by the user.

However, it seems that the Android 4.2 malware scanner may not be all that secure, as a test by computer scientist at North Carolina State University showed that it was only able to detect 15 percent of all malicious code that a Nexus 10 was subjected to. Out of 1,260 instances of malware scanned, only 193 were flagged by the scanner, resulting in this poor show of accuracy and usefulness by a feature that many were happy to see when Android 4.2 was launched.

According to the scientist who conducted the test, Google was made aware of the poor detection capabilities of the scanner but has apparently not done anything about it yet. Google did buy the web antivirus VirusTotal, which did much better at the same test, so maybe we will see Google integrating the technology from VirusTotal into the OS, but until that happens, the current malware scanner in Android 4.2 will remain quite inadequate at its job.

As always, this is mainly a concern for those users who, willingly or out of necessity, manually install apps from sources other than Google, specially pirated apps using black market apps or even official ones from other ecosystems such as Amazon’s Appstore. Google would do well to fix this though – if the fact that it took Google so many years to even implement such a security measure wasn’t bad enough, a security measure that does such a miserable job will come under even intenser criticism.

Via: The Verge | Source: North Carolina State University