It seems that a certain anti-virus vendor is resorting to some very dubious tactics to scare Android users into purchasing its anti-virus app at extortionate prices. We recently wrote about how malware writers are publishing adverts which try to scare users into downloading an antivirus app. The adverts look like warning alerts and, once duped, the victim unwittingly installs malware directly onto their device. In a interesting twist, it seems that the apparently legitimate anti-virus app “Armor for Android” is trying to extort up to $550 per year from users just to use the app!
Armor for Android isn’t new, and when it was first released many well respected security companies like Sophos denounced it as a scam. At the time, Vanja Svajcer of Sophos wrote that Armor for Android’s pricing scheme was nothing less than “extortion.” At the beginning, Armor for Android wasn’t in the Play Store and its impact was limited. However, through some very dubious marketing tactics, Armor for Android has tried to make itself look respectable while taking exorbitant amounts of money from its users.
Armor for Android’s journey to respectability followed two paths. First the company managed to get the app into Google Play and sold it for a very cheap price ($0.99). The actual app itself isn’t fake, it does indeed scan files and report any threats, however it does this by using VirusTotal.com (which is owned by Google). In other words, it just farms out the malware detection to a 3rd party and reports the results. Because of its cheap price and its use of VirusTotal.com, Armor for Android has managed to gain a 4.7 star rating on Google Play from over 1,300 reviews. Users are posting comments like “amazing” and “simply the best.” Although I have no proof, such comments beg the question, has Armor for Android been paying for reviews on Google Play?
Now that the app is seen as respectable, the developers bumped up the price to $29.95. Fortunately the number of downloads is only between 5,000 – 10,000 which is small when compared to products like Avast or Kaspersky. The latter has between 1,000,000 – 5,000,000 downloads!
The second tactic that Armor for Android used was to get itself tested by av-test.org. AV Test is seen as a respectable independent security lab and their test results are often a good guide about the effectiveness of anti-malware solutions. AV Test certified Armor for Android twice and gave it a 99% detection rating. As a result, the app and the Armor for Android website carry the AV Test badge and can brag about their test results. Its protection rating, however, isn’t unexpected, since it is using VirusTotal.com to do the scanning for it. Interestingly the latest round of Android security apps tested by AV Test don’t include Armor for Android.
Armed (pun intended) with a 4.7 star rating and certification from AV Test, Armor for Android was now ready to reap in the money. The company has started using the same scareware mobile ads that the malware writers are using. The ads warn users that their devices could be infected and then start a download of the Armor for Android .apk file along with some nice instructions about how to enable the installation of apps from Unknown Sources.
Once installed, the free version of Armor for Android is a nightmare. First it tries to get itself administrator rights (which makes it harder to uninstall) and then it starts posting very annoying notifications about possible threats which have been detected, along with messages about other services that the app offers, like a memory booster. To access any of the other services and to scan the so-called threats you need to subscribe to the Armor for Android service. When the app originally appeared, Sophos reported that the app took $0.99 per week from the user. This amounted to just over $50 a year which is what Vanja Svajcer called “extortion.” However greed took firm hold of the developers and the app now charges up to $1.60 per day (depending on your currency and the exchange rates). That amounts to over $550 per year!
There was a brief moment when I thought that perhaps an unscrupulous developer had hijacked Armor for Android’s name and was just basically stealing money. I gave Armor for Android the benefit of the doubt. But that didn’t last long, because, if you go to the developer’s website as linked from within Google Play, you can find the free version of the app available for download and it is exactly the same app as the one being offered via the scareware.
The irony in this story is that if you submit the Armor for Android .apk file to VirusTotal.com it reports it as malware! Many of the major Android security apps report it as harmful or at least as a Potentially Unwanted Program (PUP).
To protect yourself from Armor for Android, don’t click on any ads which try to scare you into downloading the app. If you did download it then don’t install it. If you did install it then remove it immediately. If you subscribed to their service then cancel the subscription immediately. If you have problems cancelling, then, according to their website, “all fees and charges are 100% refundable. Please call 1-800-910-6786 (Toll Free US) or 0-800-098-853 (Call Collect outside of US), if you have questions or problems, use email@example.com”
If you have bought Armor for Android or have seen the scareware ads please share your experience below in the comments.
Like this post? Share it!
If you’re reading this comment and you actually bought this app, you’re an idiot :)
i never gave any attention to these kind of viruses
What if you didn’t read the comment but actually bought the app?
What if you did buy the app but are too stupid to read the comment?
Then I don’t know how you even managed to use your device to install it!
Banging their forehead against the screen whilst saying “uuuh… I used to have iPhone….. Uuuugh”
but im pretty sure that would be a clueless average joe, sadly :(
the chances of finding him on such forums as this are close to zilch.
Even the most average of all can’t be that stupid… I hope
you’ll be surprised :)
I hate antivirus apps.
Damn rat bastards, my phone came with Lookout it’s free, seems to be legit so I’ll keep it.
I’ve seen this message at least a dozen times over the past month. Bastardos!
Lol, only an idiot would buy these apps.
aah… devious social engineering, but $550 is pretty hefty. someone should a reverse scam on them like the 420 eaters :)
lol designed to target the completely clueless
Yep saw these bs virus detected pop ups.. Super annoying hope google can somewhere get rid off
i think the point of this article is not in the purchasing of a scam app but rather why the hell am i getting the pop up in the first place? it showed up on my nexus 5 right after i set it up for the first time when UPS came… so hopefully Google takes notice and do something about this, i’ve never installed and will not in the future any kind of antivirus software since i trust Google is doing a good job protecting Android but this pop-up gotta go!
all down to what you installed when you got your phone, by default Android doesn’t give antivirus pop-ups, only sync services and app updates.
I’m amazed that AV Test certified this crap. AV Test is supposed to be the gold standard for testing antivirus apps. Makes ya wonder…
Could it potentially place my Google account in jeopardy if I were to flag the app?
ARE YOU KIDDING ME
Why doesn’t someone simply slit the developers throut ? And blled the foul cunt like a pig.