500 Million Android Devices At Risk Of Accessibility Clickjacking Malware: What You Should Know

6 March 2016, 1:54 am EST By Vincent Lanaria Tech Times
Pokemon Go gameplay: Playing Nintendo's hit smartphone app on the streets of London
More than 500 million Android devices are susceptible to a new form of malware called accessibility clickjacking. It can steal text-based information from any device or even remotely wipe it.  ( Justin Sullivan | Getty Images )

A new malware dubbed "accessibility clickjacking" is making rounds, putting more than 500 million Android devices at risk.

It's arguably one of the cleverest ways to invade a smartphone, in turn making it one of the most dangerous ones as well.

The mobile security company Skycure brought this malicious software to light. It works by deceiving users into clicking on certain objects that's placed on a harmless-looking layout, but in actuality, they're setting up an entryway for hackers to get into their devices.

What's in danger here is all text-based sensitive information. More than that, however, it can grant intruders the capability of executing actions via the operating system or apps without the victim's knowledge.

Skycure listed down some examples of what hackers could get their hands on, referring to "personal and work emails, SMS messages, data from messaging apps, sensitive data on business applications such as CRM software, marketing automation software and more."

When accessibility has been enabled, the cybercriminal can modify admin permissions and even implement a new Device Admin. That means they can encrypt the storage, disable the passcode or even wipe the device remotely.

The number of vulnerable devices goes for up to 65 percent, and this consists of Android units running any version between Android 2.2 Froyo and 4.4 KitKat. In other words, Lollipop and Marshmallow device owners don't have anything to worry about.

To steer clear of this issue, Skycure recommends users to update to the latest Android version as soon as it's available, avoid clicking any dialogue box unless it's from a verified source and to not install anything from third-party app stores.

It also advises users to go to Settings, head on to Accessibility and check whether there is a group named Services or any enabled entry. One last security measure it suggests is to download a mobile threat defense app such as the Skycure App from the Play Store.

Watch the videos below to see how this malware works, with Skycure using a game based on Rick and Morty.


© 2017 Tech Times, All rights reserved. Do not reproduce without permission.

From Our Sponsor

How To Shop Smart: 5 Characteristics Of A Smart Shopper

You may love shopping, you may be a bargain hunter....but are you a smart shopper?
Real Time Analytics