Most Android Virus Scanners Are Unsure

Actually, AV software should protect your smartphone from malicious code. How researchers now have found many virus Hunter for Android have however even glaring security flaws.

Security researchers have discovered vulnerabilities in half a dozen virus hunters for Android smartphones. Up to 675 million installations should be affected worldwide. Attacker can disable virus protection across the gaps, access personal data and lock the device in the worst case, and demand ransom. Products from Kaspersky, malwarebytes, Avira, ESET, McAfee and the less widespread virus Hunter AndroHelm and Cheetahmobile are affected.

The vulnerabilities were discovered by a group of researchers of the Fraunhofer Institute for secure information technology (Fraunhofer SIT). They had then reported the vulnerabilities the AV vendors. A majority have “respond immediately” and resolved the issues, according to the researchers.

Virus scanner with beginners mistakes

Many of the found vulnerabilities have to the cause that the virus scanner is insufficiently check downloaded virus definitions. Downloads completely unsecured connections exist for the part. As a man-in-the-middle in the same network can take over as the victim in the connection between the app and server of manufacturer’s engage, manipulate the download and the control over the app.

The scanner Kaspersky reloading insufficiently secure advertising, which can be manipulated to execute malicious code with the privileges of the app. McAfee’s Android security can be terminated by other apps on the phone about a vulnerability, so that virus scans are carried out. ESET software contains an encryption algorithm that was easy to crack. At AndroHelm, the researchers could enable features of the Pro version without paying.

The researchers recommend that users keep their anti virus apps up to date – what is regardless anyway indispensable by the now discovered gaps to ensure their safety. Best to activate the auto-update feature in this type of apps from the outset.