Exposé: Don’t fall victim to this dodgy anti-virus app

February 5, 2014
33
263

armor-for-android-high-costs

It seems that a certain anti-virus vendor is resorting to some very dubious tactics to scare Android users into purchasing its anti-virus app at extortionate prices. We recently wrote about how malware writers are publishing adverts which try to scare users into downloading an antivirus app. The adverts look like warning alerts and, once duped, the victim unwittingly installs malware directly onto their device. In a interesting twist, it seems that the apparently legitimate anti-virus app “Armor for Android” is trying to extort up to $550 per year from users just to use the app!

Armor for Android isn’t new, and when it was first released many well respected security companies like Sophos denounced it as a scam. At the time, Vanja Svajcer of Sophos wrote that Armor for Android’s pricing scheme was nothing less than “extortion.” At the beginning, Armor for Android wasn’t in the Play Store and its impact was limited. However, through some very dubious marketing tactics, Armor for Android has tried to make itself look respectable while taking exorbitant amounts of money from its users.

Armor for Android’s journey to respectability followed two paths. First the company managed to get the app into Google Play and sold it for a very cheap price ($0.99). The actual app itself isn’t fake, it does indeed scan files and report any threats, however it does this by using VirusTotal.com (which is owned by Google). In other words, it just farms out the malware detection to a 3rd party and reports the results. Because of its cheap price and its use of VirusTotal.com, Armor for Android has managed to gain a 4.7 star rating on Google Play from over 1,300 reviews. Users are posting comments like “amazing” and “simply the best.” Although I have no proof, such comments beg the question, has Armor for Android been paying for reviews on Google Play?

Now that the app is seen as respectable, the developers bumped up the price to $29.95. Fortunately the number of downloads is only between 5,000 – 10,000 which is small when compared to products like Avast or Kaspersky. The latter has between 1,000,000 – 5,000,000 downloads!

armor-for-android-av-test

The second tactic that Armor for Android used was to get itself tested by av-test.org. AV Test is seen as a respectable independent security lab and their test results are often a good guide about the effectiveness of anti-malware solutions. AV Test certified Armor for Android twice and gave it a 99% detection rating. As a result, the app and the Armor for Android website carry the AV Test badge and can brag about their test results. Its protection rating, however, isn’t unexpected, since it is using VirusTotal.com to do the scanning for it. Interestingly the latest round of Android security apps tested by AV Test don’t include Armor for Android.

armor-for-android-scareware

Armed (pun intended) with a 4.7 star rating and certification from AV Test, Armor for Android was now ready to reap in the money. The company has started using the same scareware mobile ads that the malware writers are using. The ads warn users that their devices could be infected and then start a download of the Armor for Android .apk file along with some nice instructions about how to enable the installation of apps from Unknown Sources.

armor-for-android-scan-apk

Once installed, the free version of Armor for Android is a nightmare. First it tries to get itself administrator rights (which makes it harder to uninstall) and then it starts posting very annoying notifications about possible threats which have been detected, along with messages about other services that the app offers, like a memory booster. To access any of the other services and to scan the so-called threats you need to subscribe to the Armor for Android service. When the app originally appeared, Sophos reported that the app took $0.99 per week from the user. This amounted to just over $50 a year which is what Vanja Svajcer called “extortion.” However greed took firm hold of the developers and the app now charges up to $1.60 per day (depending on your currency and the exchange rates). That amounts to over $550 per year!

armor-for-android-annoying-notifications

There was a brief moment when I thought that perhaps an unscrupulous developer had hijacked Armor for Android’s name and was just basically stealing money. I gave Armor for Android the benefit of the doubt. But that didn’t last long, because, if you go to the developer’s website as linked from within Google Play, you can find the free version of the app available for download and it is exactly the same app as the one being offered via the scareware.

The irony in this story is that if you submit the Armor for Android .apk file to VirusTotal.com it reports it as malware! Many of the major Android security apps report it as harmful or at least as a Potentially Unwanted Program (PUP).

To protect yourself from Armor for Android, don’t click on any ads which try to scare you into downloading the app. If you did download it then don’t install it. If you did install it then remove it immediately. If you subscribed to their service then cancel the subscription immediately. If you have problems cancelling, then, according to their website, “all fees and charges are 100% refundable. Please call 1-800-910-6786 (Toll Free US) or 0-800-098-853 (Call Collect outside of US), if you have questions or problems, use consumerinfo@armorforandroid.com”

If you have bought Armor for Android or have seen the scareware ads please share your experience below in the comments.

Comments

  • MasterMuffin

    If you’re reading this comment and you actually bought this app, you’re an idiot :)

    • Android Guru

      i never gave any attention to these kind of viruses

    • Carl A. K. Sverdrup

      What if you didn’t read the comment but actually bought the app?

      • MasterMuffin

        Touche ;D

    • Ivan Myring

      What if you did buy the app but are too stupid to read the comment?

      • MasterMuffin

        Then I don’t know how you even managed to use your device to install it!

        • Ivan Myring

          Banging their forehead against the screen whilst saying “uuuh… I used to have iPhone….. Uuuugh”

          • MasterMuffin

            lol :D

    • AA :P

      but im pretty sure that would be a clueless average joe, sadly :(

      the chances of finding him on such forums as this are close to zilch.

      • MasterMuffin

        Even the most average of all can’t be that stupid… I hope

        • AA :P

          you’ll be surprised :)

    • john smith

      To Be fair at least the viruses they say you got are actually real viruses

      • john smith

        Its still total bullshit though I agree

  • Jayfeather787

    I hate antivirus apps.

  • Stevee

    Damn rat bastards, my phone came with Lookout it’s free, seems to be legit so I’ll keep it.

  • Al Ricci

    I’ve seen this message at least a dozen times over the past month. Bastardos!

  • avyfa

    Lol, only an idiot would buy these apps.

  • AA :P

    aah… devious social engineering, but $550 is pretty hefty. someone should a reverse scam on them like the 420 eaters :)

  • rubbaluvva

    lol designed to target the completely clueless

  • taz89

    Yep saw these bs virus detected pop ups.. Super annoying hope google can somewhere get rid off

  • TJG

    i think the point of this article is not in the purchasing of a scam app but rather why the hell am i getting the pop up in the first place? it showed up on my nexus 5 right after i set it up for the first time when UPS came… so hopefully Google takes notice and do something about this, i’ve never installed and will not in the future any kind of antivirus software since i trust Google is doing a good job protecting Android but this pop-up gotta go!

    • guy990 .

      all down to what you installed when you got your phone, by default Android doesn’t give antivirus pop-ups, only sync services and app updates.

  • districtjack

    I’m amazed that AV Test certified this crap. AV Test is supposed to be the gold standard for testing antivirus apps. Makes ya wonder…

  • Alex Ohannes

    Could it potentially place my Google account in jeopardy if I were to flag the app?

  • j7981

    ARE YOU KIDDING ME
    http://i.imgur.com/Sk8NKQw.jpg

  • Ill fuck u up cunt

    Why doesn’t someone simply slit the developers throut ? And blled the foul cunt like a pig.

  • lasse øksbro

    Great product

  • Sophie

    I have been finding charges on my bank account from this app but have no app installed on my phone! It has been taking out $55 a month and I don’t know where it is getting the details from!

  • jeff smith

    this shit was on my android, and I would like to strangle the developer! To get anything for free you have to “take ” their crappy add-ons, then uninstall. We all do this in our sleep now!

  • jeff smith

    MM, your kind of a dick!

  • Gallib

    how can I get my money back please

  • Trinity

    I was just browsing on the internet when suddenly, this pop up came and said that this website had hacked into my phone. Since I wanted to be safe, I downloaded the android app, but it only did a quick scan. The only threat it found was that the app was “unstable”. Then, when I read this article, I knew it was just an ad. Thanks for the info!

  • standinginmotion

    I downloaded and installed this app and my other security app, 360 Security, warned me that it wasn’t good so I uninstalled it and cancelled everything and it’s still putting charges on my card. Thank you for putting this on here because without this I wouldn’t have known to call that number. I will be doing that now.