500 Million Android Devices At Risk Of Accessibility Clickjacking Malware: What You Should Know
A new malware dubbed "accessibility clickjacking" is making rounds, putting more than 500 million Android devices at risk.
It's arguably one of the cleverest ways to invade a smartphone, in turn making it one of the most dangerous ones as well.
The mobile security company Skycure brought this malicious software to light. It works by deceiving users into clicking on certain objects that's placed on a harmless-looking layout, but in actuality, they're setting up an entryway for hackers to get into their devices.
What's in danger here is all text-based sensitive information. More than that, however, it can grant intruders the capability of executing actions via the operating system or apps without the victim's knowledge.
Skycure listed down some examples of what hackers could get their hands on, referring to "personal and work emails, SMS messages, data from messaging apps, sensitive data on business applications such as CRM software, marketing automation software and more."
When accessibility has been enabled, the cybercriminal can modify admin permissions and even implement a new Device Admin. That means they can encrypt the storage, disable the passcode or even wipe the device remotely.
The number of vulnerable devices goes for up to 65 percent, and this consists of Android units running any version between Android 2.2 Froyo and 4.4 KitKat. In other words, Lollipop and Marshmallow device owners don't have anything to worry about.
To steer clear of this issue, Skycure recommends users to update to the latest Android version as soon as it's available, avoid clicking any dialogue box unless it's from a verified source and to not install anything from third-party app stores.
It also advises users to go to Settings, head on to Accessibility and check whether there is a group named Services or any enabled entry. One last security measure it suggests is to download a mobile threat defense app such as the Skycure App from the Play Store.
Watch the videos below to see how this malware works, with Skycure using a game based on Rick and Morty.