Hackers have already targeted Google’s latest version of Android, bypassing new security features.
Malware is already bypassing the new security features of Android 13
Hackers have already found ways to bypass Android’s new security mechanisms, which are designed to stop this type of malware, using new malware. The malware that managed this feat mimics an app store to bypass the restrictions.
Security researchers from the fraud detection company ThreatFabric have uncovered the new vulnerability in a blog post. According to the post, a malicious app can pose as an app store and thus bypass the new security measures of Android 13.
As reported by Android Police, this new exploit builds on older malware that uses Android’s access services to facilitate access to private data, passwords, and more.
Unlike previous versions of Google’s mobile operating system, Android 13 no longer allows externally loaded applications to request access to the smartphone’s accessibility services. The user must first activate this via the app info screen. However, Google could remove that before the general release of Android 13.
The reason why Google has decided to make it more difficult for externally downloaded apps to access access services is the fact that malicious apps and other malware usually ask for additional permissions during installation. Now, if you download an app outside of an official app store, it will be harder for that app to access your contacts to spam or appear in other apps.
Safety function blessing and curse at the same time
There is a catch, however, as many people rely on access services to get better use of their devices. Any apps downloaded from the Play Store or third party app stores such as F-Droid or the Amazon App Store are exempt from this restriction. That makes sense, but also the crux at the same time.
The Hadoken group of malware developers are now taking advantage of this vulnerability in the form of a new exploit dubbed BugDrop. The exploit itself consists of two parts, with the first part installing a “dropper” app that works like an app store on the victim’s device. From here, a session-based package installation API is used to install another application that contains malware.
Fortunately, as ThreatFabric reports, this malware is still in its infancy and is still very error-prone. However, it could already be used to infect smartphones with malware once more phone makers roll out their Android 13 updates.
How to protect yourself from malicious software on your smartphone
First of all, you should not sideload apps on your Android smartphone, but download them from the official app stores. But here too, read the reviews – there are also black sheep in official stores.
Enabling Google Play Protect on your devices is another way to protect yourself, as Google’s own Android antivirus app scans all apps you have installed for malware and other threats.
When it comes to permissions, beware of any app that asks for permissions it doesn’t really need, like the ability to draw over other apps. Apps that require access to Android’s access settings should also be used with special caution. You should also delete apps that you haven’t used for a long time.
You Should Delete These Android Apps Immediately – Malware in the Play Store