Google Addresses Android's Biggest Security Problem: Accessibility Services

LASER_oneXM

Feb 4, 2016
Google has emailed Android app developers and has informed them of plans to remove all apps that misuse the Accessibility service from the Play Store.

The Android Accessibility service is an Android API designed to help app developers create apps for users with disabilities. The API works by allowing an application programmatic access over actions that in normal circumstances require physical user interaction. For example, the Accessibility Service can mimic taps and swipes on UI elements to navigate users through various screens.

This is a very powerful feature, one that malware authors also noticed and incorporated into their malicious apps. For years, these malicious apps have relied on tricking users into granting them access to the Accessibility service. Once they gained such access, it was game over, as this allowed the malware to install itself as device admin, download and install other malware, and execute various operations in the phone's background.

Accessibility services are currently often found in banking trojans, mobile ransomware strains, click-fraud bots, adware, and about any other malware category. Attacks like Cloak & Dagger and Toast Overlay Attack heavily rely on it.

Google will ban any app that misuses Accessibility service

In an email (embedded below) sent out last week and shared on Reddit, Google told developers that it plans to remove all apps that utilize the Accessibility service from the official Play Store unless the Accessibility service is actually being used to power a feature for users with disabilities.

GoogleEmail.png


Developers are expected to show a visible explainer to users about how and why they're using that service. They must also disclose on the app's Play Store page that they use this service by adding "This app uses Accessibility services" to its description.

Developers have 30 days to comply and update their apps. Developers who can't update their apps were kindly asked to remove the apps from the Play Store themselves.

Malware will just move to third-party app stores

Google hopes that this new requirement will make it harder for banking trojans to slip into its official Play Store.

The downside is that in 30 days Google will also kill hundreds, if not thousands, of apps that use the Accessibility service in non-malicious but creative ways. This includes battery "doctor" apps, phone key remapping apps, some password managers, status bar replacements, and more.
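
An added example, not part of the original post or Google's tooling: a defender-side audit that finds accessibility services declared in an app's manifest and checks the store description for the disclosure wording quoted above. It assumes the manifest has already been decoded from the APK's binary XML; the function names and the sample app are hypothetical.

```python
import xml.etree.ElementTree as ET

# Attribute prefix for the android: XML namespace used in manifests.
A = "{http://schemas.android.com/apk/res/android}"
BIND_PERMISSION = "android.permission.BIND_ACCESSIBILITY_SERVICE"
SERVICE_ACTION = "android.accessibilityservice.AccessibilityService"
DISCLOSURE = "this app uses accessibility services"  # wording quoted in the article


def accessibility_services(manifest_xml):
    """Return the names of <service> entries that are accessibility services."""
    root = ET.fromstring(manifest_xml)
    found = []
    for svc in root.iter("service"):
        actions = {a.get(A + "name") for a in svc.iter("action")}
        # Either marker is enough to treat the service as an accessibility service.
        if svc.get(A + "permission") == BIND_PERMISSION or SERVICE_ACTION in actions:
            found.append(svc.get(A + "name"))
    return found


def audit(manifest_xml, store_description):
    """Flag apps that declare an accessibility service without the disclosure."""
    services = accessibility_services(manifest_xml)
    # Normalise case and whitespace before looking for the disclosure sentence.
    disclosed = DISCLOSURE in " ".join(store_description.lower().split())
    return {"services": services, "disclosed": disclosed,
            "flag": bool(services) and not disclosed}


# Constructed sample manifest for a hypothetical app (not from the article).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.batterydoctor">
  <application>
    <service android:name=".SyncService"/>
    <service android:name=".BoostService"
             android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE">
      <intent-filter>
        <action android:name="android.accessibilityservice.AccessibilityService"/>
      </intent-filter>
    </service>
  </application>
</manifest>"""

if __name__ == "__main__":
    print(audit(SAMPLE_MANIFEST, "Saves battery with one tap."))
    print(audit(SAMPLE_MANIFEST, "Saves battery. This app uses Accessibility services."))
```

A flag here only means the declaration and the description disagree; whether the service actually supports users with disabilities still needs manual review.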
 
