500 Million Android Devices Affected by 'Accessibility Clickjacking' Malware: Report

500 Million Android Devices Affected by 'Accessibility Clickjacking' Malware: Report
Advertisement
Mobile security firm Skycure has claimed that a new Android malware can allow malicious apps to access all text-based data on a device without requiring permission from the user.

The research firm has further claimed that the latest Android malware family dubbed "Accessibility Clickjacking" impacts almost all Android versions except the last two versions - Android 5.0 Lollipop and Android 6.0 Marshmallow. It adds that Accessibility Clickjacking affects almost 65 percent of all Android devices "at this point" which turns out to be over 500 million Android devices. The research firm says that the malware family affects Android devices running Gingerbread, Ice Cream Sandwich, Jelly Bean, and KitKat OS versions.

Skycure's Yair Amit explains in a blog that the malware can access personal information including emails without the consent of the user. He adds, "Clickjacking is a term for a malicious UI redressing technique that tricks a victim into clicking on an element that is different than the one the victim believes to be clicking on. This technique, which relied on the ability of malicious websites to load a seemingly benign webpage with an invisible overlay from another service (attacked service), used to be a major concern in the Web-application security world and yielded a variety of attacks against important services or frameworks, such as Facebook, Twitter and Flash."

The security firm pointed out that the Accessibility Clickjacking malware is not just a theoretical threat, and that last month a ransomware named Android.Lockdroid.E that was found by Symantec used the malware to gain admin rights. Amit suggests that once accessibility has been enabled on the targeted device, the attacker can even change admin permissions.

Skycure has also demonstrated the malware workflow by using a rat-hitting game. While the user gets an impression that they are playing the game, the malware in the background gets the accessibility via user's consent.

"What actually happens in the background might come as a surprise to the victim - his/her clicks are actually propagated to an underlying and invisible layer of the operating system - the Accessibility approval dialog. Completing the game means that the victim unknowingly approved Accessibility permissions for the "benign game," adds Amit. The mobile security firm, apart from recommending users install the Skycure App, tells users to get onto the latest version of Android; not to click on dialogue boxes; not to use third-party app stores, and verify app permissions.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Android, Android Malware, Google, Skycure
Ketan Pratap
Ketan Pratap is the editor at Gadgets 360 - with over 12 years of experience covering the technology domain. With a breadth and depth of knowledge in the field, he's done extensive work across news, features, reviews, and opinion pieces. But what's truly inspiring about Ketan is how he spends his free time. He's often found gazing at snow-capped mountains from over 20,000 feet while sitting on the hood of his car, taking in the breathtaking beauty of nature. His passion for the great ...More
Superhot Review
Mozilla Reveals Firefox OS IoT Projects
Facebook Gadgets360 Twitter Share Tweet Snapchat LinkedIn Reddit Comment google-newsGoogle News

Advertisement

Follow Us
© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
Trending Products »
Latest Tech News »