Just recognized an in-App ad, telling me my Android could be infected with Viruses, interresting… This I had to check out, hence my rationale regarding Antivirus Apps in general (later in this post). The following are some screenshots of this “great” secuirty App:
The Ad lead me to the following site:
The site (being in Norwegian) claimed almost 4k new viruses were found during the last 7 days (wow, really?).
This green button directed me to the dowload site, looking suspectably similar to Googles Play store:
Now I turned over to use my honeypot smartphone, as I did not want do download this to my personal in-use device. The download gave me an apk file to install (being a third party app obviously). The requested permissions were not suprising as you can see some of them here.
“Services that cost you money” is never good… As I used my honeyphone, I accepted and got more details that the developers wanted me to accept (surprised they bottered telling me – also in Norwegian).
What they actually ask you to accept here is a subscription service that will send you 5 expensive SMS each week of 5$ each… And(!) by accepting this disclaimer/EULA you accept to hold the company, its partners, subcontractors, agents, collaborators etc. free for the responsibility of all incorrect, unauthorized or illegal use of your account, or reverse engineering of the service for that matter…
This is where I stopped… If I will have the time, I will look into it (not “re-enginer”) it later and keep this post updated.
And then my rationale about Smartphone antivirus… I believe most “Antivirus” Apps for smartphones are obsolete as the architecture of most well known OSs, e.g., Android and iOS, run their apps in a seperated operating environment (sandbox). The goal of this is just that other Apps shall not have access to other Apps on the device. Thus, an “antivirus” App cannot “analyze” the maliciosness of other Apps. To support my claim, I have tried multiple Security Apps claiming to detect malicious Apps, and they dont seem to detect any of the “malicious” Apps I have made, or others for that matter, e.g., the Anti penetration testing App which should (in my appinion) be detected as at least suspectable…