Google's Android malware scanner pitifully bad, only detects 15.32% of samples

Android's built-in scanner not as effective as third-party apps.

52 seconds read time

With the release of Android 4.2, Google started including a malware scanner that was designed to warn users if an app tested to be a possible malware app. A computer scientist at North Carolina State University decided to put the scanner to the test and found some interesting results.

Google's Android malware scanner pitifully bad, only detects 15.32% of samples |

Xuxian Jiang found that just 15.32 percent of samples were detected as malware. Jiang used a new Nexus 10 tablet and exposed it to 1,260 different malicious apps. Sadly, the built-in detection system detected just 193. He then pitted the Google system against anti-virus apps from the big names: Avast, Symantec, and Kaspersky .

He found that the third-party apps detected 51 percent to 100 percent of samples picked from the 49 malware families. Google's service found just 20 percent of the same samples. He notes that Google's method of detection can be easily bypassed. Google uses a cryptographic has signature of the app to identify those that have been found to be malicious. .

"This mechanism is fragile and can be easily bypassed," Jiang wrote. "It is already known that attackers can change with ease the checksums of existing malware (e.g., by repackaging or mutating it). To be more effective, additional information about the app may need to be collected. However, how to determine the extra information for collection is still largely unknown-especially given user privacy concerns."


Trace is a starving college student studying Computer Science. He has a love of the English language and an addiction for new technology and speculation. When he's not writing, studying, or going to class, he can be found on the soccer pitch, both playing and coaching, or on the mountain snowboarding.

Newsletter Subscription

Related Tags