Industry News

Android users offered $5 refund for useless anti-virus app

Earlier this month it was revealed that well over 10,000 Android users had bought an anti-virus app for $3.99 in the official Google Play store.

The Virus Shield app, which claimed to “protect you and your personal information from harmful viruses, malware, and spyware”, duly shot to the top of the charts, achieving an impressive 4.7 out of 5 rating from its users.

There is only one problem. The app was useless. It didn’t actually scan for or remove any malware. Instead, it just changed a red “X” graphic to a red tick mark.

Did you get your money’s worth? I thought not.

The app’s developer Deviant Solutions tried to convince the world’s media that it had made an honest mistake, claiming it had never intended to scam customers, but that it had mistakenly updated an early test version of its user interface rather than one with any actual anti-virus code.

Jesse Carter of Deviant Solutions spoke to The Guardian after the app was removed from the official Google Play store:

“One of our developers simply made a foolish mistake. The app version that was decompiled by AndroidPolice was not intended to be released. It was an early placeholder that our ui designer created. There was a mix-up between the version that contained the antivirus code for our app.”

That’s quite a mistake to make, it has to be said. You would certainly hope that someone developing an anti-virus product, who should be earning the trust of users, would have some processes in place to ensure that they are uploading the correct version of their software and that (at the very least) it detects *some* malware rather than zilch.

After all, if you can’t rely on them to test the product they are making available to the world, would you trust them to scan the files on your Android device? How would you know they weren’t going to make a complete pig’s ear out of that too?

Furthermore, damage is done to the anti-virus industry by farces like this. The truth is that malware is a serious and growing problem on Android devices, and users should be enabling protection to defend their data from hackers and scammers.

When a top-selling Android anti-virus app is shown to do nothing at all except change a graphic from an red “X” to a red tick, it’s totally understandable that some users might think all security software is a similar joke.

Whether you believe that Deviant Solutions were pulling a fast one or merely incompetent is for you to decide – but one thing is clear: lots of people have been left out of pocket.

So I was pleased to see Android Police report that Google is now issuing refunds and an extra $5 Play Store credit to Android users who purchased the phony app.

If you purchased Virus Shield while it was available from the Google Play store, you should have received the following email from Google:


We’re reaching out to you because you recently purchased the “Virus Shield” app on Google Play.

This app made the false claim that it provided one-click virus protection; in reality, it did not.

Google Play’s policies strictly prohibit false claims like these, and in light of this, we’re refunding you for your “Virus Shield” purchase. You should see funds returned to your account within the next 14 days.

Additionally we’d like to offer you $5 promotional credit1, which can be used to purchase digital content on Google Play such as apps, games, books, music and movies.

Your credit redemption code is XXXXXXXXXXXXXXX. Click or tap here to redeem. For help redeeming, please visit our Help Center.
We’re sorry for any inconvenience this may have caused; rest assured that we’re always working to make Google Play better for our users.

Thank you,

Google Play Support

Google is clearly keen to make up for what was the latest embarrassing incident to impact its official app store, going beyond simply offering a refund but also offering a credit which can be used to purchase more items.

That’s great. I’m glad to see them take responsibility for their part in this fiasco.

However, I would really like to see Google go further, and become more proactive in policing its App Store, which has in the past been bedevilled not only with useless apps like Virus Shield but also downright malicious software designed to steal and scam from innocent users too.

About the author


Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats.

Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security.