How to Scan APK Files to Check Whether They Have a Virus

Mobile Malicious Software Application Development Sandbox Debug Flat 3d Isometric Code Programming Technology Antivirus Malware Concept Web Vector Illustration. Infected Smartphone Sand Box Bug Worm.

Sideloading apps on an Android device is often used as a way to bypass restrictions (such as when an app is not available in your region) or to get updates faster. Sometimes it can be the only option when a desired app is not available via the Play Store for one reason or another.

In order to make sure the APKs you are about to install are safe, it would be wise to scan them first to make sure they don’t contain anything harmful. Fortunately, there are tools that let you do that, and we’ve gathered some of them for you here.

Why It’s Recommended to Scan APK Files

Sideloading apps works well, but there are some disadvantages. For one, sideloading is not allowed on Android devices by default. You will have to allow installation from unknown sources in Settings to be able to do it. Moreover, you won’t be getting updates for these apps automatically. You have to remember to update the app manually once an update becomes available in your area.

How To Scan Apk Files For Virus Unknown Sources

A more serious disadvantage is the inherent security risk that it represents. Because APK files don’t come from the Play Store, you can’t be sure that the app is as its developer intended it to be. In some cases, APK files are pirated to bypass some restrictions (such as in-app purchases) or, worse yet, injected with malware that will compromise your phone’s security.

Colorful Different Insects, Worms And Bugs Flat Set

One way to prevent these nasty viruses from infecting your phone is to download APKs from trusted sources only. APK Mirror, for example, is generally accepted by the Android community as being a safe place to get APK files.

Another way you can prevent malware from being loaded onto your phone is by scanning your APK files for viruses before installing. There are a few services that can help you scan an APK. What follows are the best ones you can use.

1. Metadefender

Metadefender allows you to upload an APK file to be scanned by multiple antivirus engines. Files are treated as archives, meaning they will be extracted so that each individual file is scanned, but a scan of the whole unextracted APK file will be performed as well. Users can simply drag and drop their files, and a report will be compiled in a few seconds.

How To Scan Apk Files For Virus Metadefender

You can access the Metadefender service on your PC, but it’s also possible to scan files directly from your Android phone. While there’s no dedicated mobile app, you can still use it via your handset’s browser.

Metadefender can be used to scan almost anything – including IP addresses, URLs, files and more – not just APKs. So if you ever feel suspicious about something online, this is a great tool to have at your disposal.

2. VirusTotal

VirusTotal is another alternative that works similarly to the previous one. It analyzes your APK files and helps to detect all kinds of viruses and malware that may be present. The service is easy to use: just upload your files to make sure they are bug-free. Additionally, you can copy-paste URLs in VirusTotal or use the search function to check IP addresses, domains or file hash.

How To Scan Apk Files For Virus Virustotal

VirusTotal is also available as a mobile app, although its use is limited to scanning the apps you’ve already installed on your device. It can be downloaded from the Play Store for free.

How To Scan Apk Files For Virus Virustotal Mobile App

Additionally, you may want to consider installing an antivirus app on your Android device. If you don’t know where to start, you can check out our list of the best antivirus apps you can get on your phone. This way, you’ll be able to monitor the state of your mobile through regular checkups.

If keeping all your devices safe from the threat of malware is a top priority for you, then perhaps you’d like to find out whether Windows Defender is good enough in 2021 or whether you really do need antivirus software on Linux.

Related:

Alexandra Arici Alexandra Arici

Alexandra is passionate about mobile tech and can be often found fiddling with a smartphone from some obscure company. She kick-started her career in tech journalism in 2013, after working a few years as a middle-school teacher. Constantly driven by curiosity, Alexandra likes to know how things work and to share that knowledge with everyone.

2 comments

  1. Go to av-test.org and look at how effective Play Protect is then tell me again how it’s so secure to download from the Play Store.
    Hint: Play Protect detects <60% of malware.
    APKPure, F-Droid, Uptodown, Softpedia and many more are all better choices than the Play Store for getting a file without malware.

    Not a bad article but woefully inadequate and incomplete.
    Having compared Kaspersky, Bitdefender, ESET, Avast, etc on several phones and tablets the winner is Sophos Intercept X.
    It's also the most comprehensive malware protection available for Android and it's free.
    It does require about 10 minutes to configure all the options for maximum protection which is a small price to pay for the level of protection it gives.
    Of the several hundred apps I downloaded, including the AMTSO test files, or had installed Sophos was the only one to detect 4 PUA apps.
    That they were valid detections was confirmed at virustotal.com.
    For the majority of people that only use a mobile devices Sophos is the best choice.
    Kaspersky Free does not automatically scan incoming files so it gets a fail though it has the best overall long-term detection rates for Android and Windows.

    I normally download my Android apps using Windows where I have Glasswire Premium as my firewall which automatically scans any incoming file using virustotal.com. I use Kaspersky Free as AV on my Windows machines which are run as VM clients under Linux.
    Process Explorer from Sysinternals, which replaces Windows task manager, and which loads on startup, uses virustotal to scan any active processes running on the OS.
    It is a little labor-intensive to set up but in 15 plus years I've never had any malware.
    Yes it's a real email address which I do check

Leave a Comment

Yeah! You've decided to leave a comment. That's fantastic! Check out our comment policy here. Let's have a personal and meaningful conversation.