Best daily deals

Affiliate links on Android Authority may earn us a commission. Learn more.

How to scan an Android phone for malware

As with your computer, antivirus and anti-malware apps are important.
July 18, 2023

Some people will tell you Android phones are immune from viruses and malware, but there have been plenty of examples where apps containing adware and malware have been found on the Google Play Store. Just last summer, Bleeping Computer reported on a new batch of Android malware apps spotted on the Google Play Store. Google Play Protect can tell you if your app is in any way different from the version they are keeping at the Store. But what if the original, Google-approved code was bad?

Clearly, there is a role to play for anti-malware apps that can scan an Android phone for viruses and other malware. Many of the products available for Android devices are from the same companies that have been protecting PCs for years. But once any current infestation is removed, there are still future threats to consider. Let’s assemble the components of a successful Android security strategy.


To scan an Android phone for viruses and malware, download a reputable anti-malware app from the Google Play Store and have it scan your phone for suspicious code. After the scan, go over your apps list and delete any app you do not remember installing. We've rounded up some of the best anti-malware apps for Android to help you choose the app that suits your needs.


Can Android phones get viruses or malware?

Samsung Galaxy S23 Ultra Green Front Display Over the Shoulder
Harley Maranan / Android Authority

A virus is a particular kind of malware that behaves in a specific way. It duplicates itself inside the operating system or app code, the same way a biological virus inserts its genetic code into human cells. While Android phones don’t usually contract this particular kind of security threat, there are other forms of malware (the larger category that contains viruses and other malicious code) that can achieve the same goals as those of the makers of a virus: to get at your information, damage your phone, or hold it for ransom.

Android phones usually acquire malware via the phone’s owner being tricked into downloading it. It could come in a downloaded app, an attachment to an email or SMS text, or downloaded content from a website. It could even come from another phone if you connect the two together.

If your phone has slowed to a crawl, is burning through its battery very quickly, or is restarting over and over, it could be due to malware. If the same app starts crashing repeatedly, if you see ads popping up in apps that don’t normally have ads, if your phone suddenly starts overheating, or if you see an app on your phone that you don’t remember installing, it is likely you have an unwanted guest in your phone. So what should you do?

How to check for viruses or malware on Android

The first thing you need to do is scan your Android phone for malware. There are a host of anti-malware apps for Android OS. Most offer a free version with basic functionality and charge for the deluxe version. The majority of Android owners will do just fine with the free version (for instance, many people do not want a VPN). These apps are very easy to operate, with most featuring a large Scan button when you open the app. Of the apps listed in our article linked above, Bitdefender Antivirus is an excellent choice. It is lightweight and delivers decent functionality in its free incarnation.

Scan your phone for malware using Bitdefender Antivirus

Here’s how to use Bitdefender Antivirus to give your phone a clean bill of health:

  • Download and install the app, then launch it.
  • Tap on the Scan device button, and Bitdefender will begin scanning your phone for malware.
  • When the app finishes scanning, it will display the results.
  • We got a clean bill of health on this scan. If Bitdefender finds malware, it will delete it automatically. If this is not possible, it will give you the choice to disinfect the offending file, delete it, or move it to quarantine. Most anti-malware apps work in a similar fashion.

Remove any non-Play Store apps

Now you have determined that your phone is not currently infected, you need to consider the possibility that there is a corrupt app on your phone that simply hasn’t made its move yet. If there is an app on your phone you did not download from the Google Play Store, it’s likely to be suspicious because apps are usually unavailable in the Google Play Store for a reason.

Sometimes it’s because an app performs a function that violates a company’s terms of service. And other times, it’s because the makers or distributors of the app want to put spyware or other malware in their app. They know Google will not allow that. Although infected apps do sometimes appear in the Google Play Store, Google regularly scans its stock to remove malware. If you want to ensure your device is secure, it’s best to delete all apps from your phone or tablet that you did not download from the Google Play Store.

What about the future?

Keeping your Android device free from malware going forward is a matter of vigilance. Here are some steps you can take to make sure no malicious code finds a beachhead in your phone:

  • Continue to take all the normal security steps you probably already make a habit of, including never clicking on links in emails or text messages unless you are 100% sure they are safe and locking your phone with a PIN when you will not be using it for a while.
  • You can employ an antivirus app on your device. For real-time protection, consider a monthly subscription. That said, antivirus software on a PC is pretty much a necessity. With Android, if you follow basic security practices like not opening suspicious messages and emails, avoiding third-party apps outside of the Play Store, and other similar precautions, you might find that antivirus software is not necessary for all users.
  • Google Play Protect is a feature of the Google Play Store that can scan the Play Store apps you have on your phone or tablet and compare them to the versions in the store. Any app that has been altered on your device will be flagged. If you use only Play Store apps and scan with Play Protect regularly, it will be difficult for anyone to corrupt your device. Search for Play Protect in the Play Store to access the tool.
  • Every update to the Android system has included security fixes and solutions for known vulnerabilities in the previous version. The longer an Android version is available to the public, the greater the chance that someone can exploit these vulnerabilities as more and more hackers find out about them. In between version updates, there are also smaller Android security updates. You should install these as soon as they are offered.
  • Turn off password saving. It makes a hacker’s job much easier when your passwords are stored on the very device they are trying to invade.
  • If you notice performance issues with your phone, it may be caused by somebody spying on your smartphone or tracking you. Here’s how to tell if that’s what’s up and what you can do about it.


All viruses are malware, but not all malware is a virus. A virus is one kind of malware that spreads by copying itself into your phone’s operating system or app code. Malware could be a virus, or it could be ransomware, or adware, or a worm. Viruses are a subset of all malware.

Android does. There are more Android phones in the world than iPhones, so they are a more attractive target for malware makers. There are also more opportunities to infect an Android device because you can download Android apps from places other than the Google Play Store. This gives bad actors a way around Google Play Protect and into your device. The only way to download an app to an iPhone that is not from the Apple Store, with its vaunted security procedures, is to jailbreak the phone.

No. It is very difficult to corrupt an Android phone to the point where you would have to discard it. If your phone is extremely infected, you can always revert it to its factory state and start from scratch.

Clicking on links in text messages can take you to malicious websites. And hackers can even use Bluetooth to push virus-infected files that an unsuspecting person might open.