Why I Wake Up Early (And 9 Reasons You Should Do So Too)

GT Explains: How Useful Are Antivirus Apps On Android And Should You Be Using Them

Antivirus apps are supposed to prevent attacks, weed out the ones that get you and stop malware and spyware attacks. On PCs, especially on Windows, this is pretty useful. On Android though, it’s a whole different story. I’ve been using Android for years now and for the most part I haven’t used an antivirus app. Why is that? If I don’t use antivirus, how do I protect myself from exploits? And just because I don’t use them, does that mean neither should you? Read on to find out.

Antivirus Apps On Android Focus More On Defense Rather Than Offense

When you look at the description of an Android antivirus app, you’ll see features listed like total backup to the cloud, remote wipe, kill tasks, monitor battery, etc.

The AVG app only has a couple of lines related to actual viruses – “Scan apps, settings, media in real time”, and “Defends against malicious apps, viruses, malware and spyware”.
There’s a reason for this. On Android, viruses as we know them from the desktop are not that big of a threat. Because of the way Android operates, more threatening are malware, malicious apps and spyware. These malicious apps find their way to your phone either through bogus apps, pirated apps, ads or just through browsers.

Of the 5 million Android devices that Kaspersky’s Security Network analyzed, Kaspersky found the number of attacks per month went from 69,000 per month to 650,000 between August of 2013 through March of 2014. In this period, the security researchers at Kaspersky found 175,442 new and unique types of malware for Android.

When asked about the antivirus apps, Google’s Android Security Chief, Adrian Ludwig said “I don’t think 99% plus users even get a benefit from [anti-virus],”. According to him, if you’re not doing the things you’re not supposed to do, you don’t need an anti-virus apps.
So, if malware is the real problem, how do you stay safe?

How To Keep Malware From Getting To Your System

I use a rooted Android phone. On the face of it, this means that my phone is open to all sorts of exploits out there. On a rooted phone, getting admin access to modify the system files is a lot easier. On a non-rooted phone, the system files are effectively locked down. Away from the prying eyes of the user and the attackers alike.
But of course, the hackers always find a way. Malware apps usually get access to personal information like your contacts, SMS, emails, etc – things that Android apps have access to already. Here are the basic steps you need to take to make sure malware doesn’t get to your system.
Only install apps from the Play Store. Stay away from third party app stores. I’d even go one step further and say don’t take apps from the Play Store for granted. The Play Store doesn’t have an active app blocking policy like the iOS App Store. Fake apps that look like the official apps for Netflix or eBay make it to the Play Store all the time.
Before downloading an app that you’re not sure of, read the description carefully, check out the reviews and see the ratings. Official apps on the Play Store usually have 4.5 star ratings or higher.
Don’t download pirated content.

“If you only install software from trustworthy market places (like Google Play) and do not use your smartphone very often for web surfing or e-mailing, the OS is still pretty safe. The majority of problems arise from the installation of ‘cracked’ applications from 3rd party market places which are often bundled with malicious software.” – Andreas Marx, AV-Test

Don’t side-load apps from unknown sources. You don’t know who made the app, how it was compiled, what kind of code it runs, and what the app developer’s intentions were.

Don’t click on ads from sources you’re unaware of.

The Advanced Guide To Staying Away From Malware

Of course, the above list was the basic guide and it came with a lot of caveats. If you’re a pro user, perhaps with a rooted Android phone, let me tell you how I do it.
Last year, lookout found out about a malware network posing as an advertising network. It was spread across 32 apps from the Play Store that had been downloaded more than 2 million times.

“That’s kind of a built-in backdoor into the application, and when a mobile ad network starts serving bad content, it shifts to become a botnet that is suddenly serving malicious content,” explained Wade Williamson, a senior security analyst at Palo Alto, speaking by phone. “But the difference is there’s no exploit needed, no bait and switch needed, because you already have this hook built into the application.” via Darkreading.

Of course, this is not to say that all ads are bad or that you should never look at ads ever again (it supports a lot of app developers out there).

If you’re rooted, blocking ads (both in apps and browsers) on Android is the best thing you can do.
If you’re not rooted but want to block malicious ads, try Disconnect’s Android app. The app used to be free but now you need to pay $5 a month premium account to activate the filtering. You can’t get it on the Play Store so you’ll have to side-load this one (as I’ve said, there are caveats to each basic rule).

Disconnect keeps an updated host file of malicious ads and scans ads displayed on the screen against its database. When it finds a match, it stops the ad from loading up. It does this by installing a VPN filter on your phone.
Disconnect says that it only scans information related to the ads and nothing more. But if you’re already rooted, I’d suggest just block all ads using the AdFree app.
If you’re a power user, I’m sure you already follow the basic rules of not visiting shady sites and not installing obscure apps.