This Android Malware Placebo Earned $40,000
Malware protection for $4, with no battery impact and no ongoing subscription fee – all offered in app that takes up less than one megabyte of space on your phone.
It sounds too good to be true. It is.
But that’s what Virus Shield, briefly among the top-rated paid apps on Google Play, promised would-be buyers. What it actually did: display a nice little shield, which you could tap to “turn on” your protection.
Nothing happened when you turned it on, except for the occasional popup telling you about a completed scan – one that never happened.
You can read the source code for the app on Android Police. You’ll find references to displaying buttons and pop-ups, but nothing related to any actual protection.
It was a placebo antivirus, and people apparently liked it. The app sold over 10,000 copies in just over a week, and sported a four-plus star rating. People wrote reviews, like this:
You can read the reviews, and see sales figures, on AppBrain. These reviews may be faked, or may be written by people who sincerely thought they were being protected.
Whatever the case, the lesson is clear: caveat emptor. Google Play is scanned for malware, but no humans check the code to make sure a given app is effective – and reviews can be gamed easily enough. Check an outside source before installing anything related to security.
In this case, the app was installed over 10,000 times, meaning the developer “earned” $40,000 in just over a week. It’s since been taken down.