Accessibility Clickjacking - The Next Evolution in Android Malware

upnorth

upnorth

Level 68
Thread author
Verified
Top Poster
Malware Hunter
Well-known
Jul 27, 2015
5,458


Quote : " We showed how modern mobile malware can evade detection by malware scanners that rely on signatures, static and dynamic analysis approaches. Then, we uncovered a working Android malware PoC that can persistently monitor all of a victim’s activity, and allow attackers to read and possibly compose corporate emails and documents via the victim’s device, as well as elevate their permissions to remotely encrypt or wipe the device.

One of the most interesting traits of this kind of malware is its low footprint: it does not require rooting the device and asks for limited permissions upon installation. Yet, this malware is able to circumvent many of the protections that most users assume are reliably protecting their Android devices and compromise corporate resources used via the device. "

Source : “Accessibility Clickjacking” - The Next Evolution in Android Malware that Impacts More Than 500 Million Devices » Skycure

That's a reson why you should think twice about turn on Accessibility even if it's a long process as shown here :



Getting malicious apps available on Google app store is a totaly different question/topic...
 
  • Like
Reactions: LabZero, Ink, Morvotron and 6 others
I

Ink

Administrator
Verified
Jan 8, 2011
22,489
I was about to post a thread about "Do not use Accessibility Services on Android", then I saw your thread.

Full Article: Android device encryption user interface flaw

TL;DR:
Don't get tempted by any app asking you to enable its Accessibility Service. It will change your encryption password to the Android default one allowing everyone to decrypt the "encrypted" data. The PIN you enter at powering on your device may not be used for encryption at all - without a warning given.

If you use encryption on your Android device, follow these steps now:
  1. Open up the Accessibility settings menu.
  2. If a Accessibility Service is listed there at the top, disable it.
  3. Change your screen lock PIN/password/pattern whatever to reset the encryption password. Make sure to tick the "Require PIN to start device" option.

Above is one of the reason why I switched back to Bitdefender Free from AVAST Mobile Security, your Android AV app may impose a security risk to your Encrypted Android device. Think twice before enabling Accessibility Services for any app including your Antivirus for Android.
 
  • Like
Reactions: LabZero and upnorth
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
That feature is already big problem or loss, since its easy to create malware with the help of recording key strokes. A complement reason to choose another alternative mobile OS if you are concern on security.
 
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
Malware News SpyLend Android malware downloaded 100,000 times from Google Play
Replies
0
Views
551
Security News
Gandalf_The_Grey
Gandalf_The_Grey
silversurfer
    • Like
New Update The First Beta of Android 16
Replies
1
Views
441
Android & WearOS
Bot
Bot
enaph
    • Like
    • +Reputation
    • Wow
Security News Fake Avast Antivirus Sites Are Spreading SpyNote Android Malware
Replies
1
Views
690
Security News
Studynxx
S

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top