Virustotal for Android scans all apps for malicious contents
Apps are without doubt one of the core features that helped Google and Apple gain traction in the mobile phone market so quickly. When you browse the Android store nowadays, you get a selection of hundreds of thousands of applications for all kinds of purposes, from gaming to better navigation, social networking or Internet browsing.
While that is great, there is always the danger that apps may load malicious contents on the device. While they are checked by Google before they are published in the official store, it does not protect against malicious apps 100%. Plus, Android users can download and install apps from third party sources as well.
It may sometimes be necessary to install an app from a third party source, for instance if Google does not allow apps of its kind in the official store.
Update: Google removed the official Virustotal application on Google Play; it is no longer available. Android users can scan APK files directly on Virustotal, but there is no option available anymore to scan files using an application. End
The Virustotal application for Android has been created by the makers of the popular online virus scanning service. What makes Virustotal great is that it scans files using about 40 different antivirus engines. The idea here is that malicious code can be identified better if multiple engines are used.
Virustotal for Android
That's exactly what the Virustotal app for Android offers, but instead of providing you with the means to scan individual apk files or other files that you have stored on your Android device, it scans all installed apps automatically on start.
The scan itself may take some time depending on how many apps are installed on the device at that time. Note that the app will compute hashes and compare them to the Virustotal database, and that both user apps and system apps are scanned by it.
The results are divided into two tabs that you can switch between, with the user apps listing displayed to you by default. Each app is listed with its name and icon, and a rating. A green rating indicates that nothing malicious has been found during a scan, while red means that at least one of the scanners picked up a malicious signature.
This can be a false positive of course, and the likelihood that this is the case is rather large if only one or two of the scanners picked something up while the remaining 40 did not.
You can tap on any application listed here to display detailed scan information. This screen is divided into two tabs as well. The first highlights how many scanners have identified the application as potentially malicious, while the second displays the list of scanners and their findings individually.
You may notice that some apps are displayed in blue. This indicates that they have not been found in the database yet. You can have them scanned by Virustotal, but need an account at the service for that.
Verdict
The Virustotal application is not a realtime protection app for Android. One could say that damage may have already been done if a scan finds malicious apps running on the system. It is however still better to know about it then to be indifferent about it. Running the app can be reassuring that all user and system apps are clean.
THANK YOU again
VirusTotal has got to be one of the best things to come into existence for security in a long long time, only second to Sandboxie.
Danke sehr Martin!
There is also AVC UnDroid [beta] where you can submit APK files for security inspection.
http://avc-analyzer.info/AWS-APK/index.php