The new features of Android 13 do not seem to be enough
When hackers launch an attack on our mobiles, they usually look for a way to access more aspects of the phone’s operating system. The direct way to do this is through accessibility services, which were created for something very different: helping people with some type of disability. Keeping attackers from getting those permissions is something that Google has wanted to achieve with Android 13. To do this, it has made it more difficult than ever for hackers to obtain accessibility permissions.
Google engineers have designed a new feature for Android 13, dubbed “restricted configuration”, that limits access to accessibility permissions for apps that have been installed from external sources, outside of the Play Store, and for other apps that have been installed in a way that is at least suspicious. But hackers have already managed to get around these limitations imposed by Google. ThreatFabric researchers have managed to create a method that has allowed them to bypass these controls by Google in the installation of malware.
Malware under development
What the researchers have realized is that the hackers are developing a new module for their malware, which would be able to bypass the installation controls for third-party sources. It would do so with an installation of the rogue apps designed exclusively to trick Google’s software. To do this, it splits the malware installation into smaller APKs, with identical names, version codes, or signing certificates. All this so that the tool created by Google in Android 13 is not able to detect that it is facing malware that is going to seek to take control of accessibility permissions.
The method being developed by the hackers has been named “BugDrop” and has a structure similar to Brox. Right now it is just a development in progress and, logically, all the alarms went off in Mountain View when it was discovered that this development is well advanced and that it can bypass all the controls that the Californian firm has introduced. According to ThreatFabric researchers, when this malware is fully implemented, it will be able to completely bypass the new security measures taken by Google to prevent smartphone infections. Once access to the accessibility services has been obtained, hackers will be able to control our mobile without difficulty and, worst of all, without us realizing it.