04/07/2014 12:50 pm ET Updated Dec 06, 2017

That Android Anti-Virus App You Paid $4 For? Yeah, It's A Scam.


For $3.99, an anti-virus app on the Google Play Store promised to scan apps, files, media and settings in real time, ridding your phone of harmful material and speeding it up with no effect on your battery life and no pesky ads to ruin the experience -- all at the touch of a button. No fancy animations of your phone being scanned, no settings to master, no added battery task manager, just easy anti-virus functionality, pure and simple. Tap a button, see a checkmark, walk away with peace of mind. If this sounds too good to be true, that's because it is.

Virus Shield, the app in question, rose to the top of the paid apps list on the Android Store in a little over a week, but according to the Android Police, the app doesn't actually do anything. Android Police revealed the app's lying ways on Sunday, and Google has since removed the app from the Google Play store.

virus shield

Virus Shield performing its primary function.

Skeptics can check out the app's fraudulent code over at the Android Police website, which breaks it down to show that it's way too simple to do all it claims it can do.

Still, Android users downloaded the $3.99 app more than 10,000 times, and collectively awarded it a 4.7-star rating. You can be certain that the earliest of those reviews are completely fake.

Just about anyone can sell an app through the Google Play store with very little interference from Google. While many Android users and developers prefer this open-source platform to Apple's tightly controlled App Store, others have found that it's all too easy to scam Google Play patrons by uploading a fake app, purchasing the app a few times, writing some good reviews, then watching users fall prey to the "everyone else is downloading this, so it must be good" groupthink.

In March, two apps on the Google Play store were found to be mining cell phones for dogecoin and litecoin (cryptocurrencies similar to bitcoin) without telling users, according to a TrendLabs report. "Mining" a victim's wallet -- not to be confused with the perfectly legal act of mining cryptocurrencies -- is a complicated process that sends coins to a "mining pool" to be copied before being transferred straight to the cybercriminal's wallet several times.

CLARIFICATION: Language has been added to distinguish the legitimate process of mining cryptocurrency from the metaphorical, criminal mining of your cyberwallet.