Getting infected with malware is not an isolated risk if you are used to downloading applications in the form of APK files, even if you install them through Google Play. And there are three permissions that you should pay close attention to, as they are essential to avoid malware: SMS access, accessibility and reading of notifications.
Unfortunately for those of us who use Google’s operating system, suffering from the inconveniences of malicious software is more common for us than for iPhone owners. And not because the system is more vulnerable, but because it has two characteristics that make Android more attractive to attackers: the mobile fleet is gigantic (there are more possibilities of finding a mobile to attack) and has more doors through which to access the devices.
Android has more gateways to devices
The differences between systems are not so exaggerated at the user level, since both behave in a very similar way, most of the important applications are common and both Android and iOS They were copying each other from the beginning. They do differ clearly in terms of permissiveness: Android offers more installation options to the user, while iOS restricts the installation of applications to the App Store, even despite the recent opening in Europe.
Although it is possible to get malware on an iPhone, news stories about malware are more likely to be associated with Android.
Google has been closing the system over the years by dividing generic APIs for restrict access to very specific portions of the systemwhich are more sensitive due to the information they handle. Even so, there are certain permissions that, due to the particular needs of some uses, do not allow a complete closure. Access management falls to the owner of the Android device.
Every time you download an application from Google Play, or install it in APK format, This is associated with a series of permissionsaccesses that the application has open by default. There are other permissions that the app must request from the user, and this is where we must be especially careful.
Accessibility, SMS and notifications, the three key permissions
Malware often disguises itself as a regular application that, after being installed, requests permissions from the user so that it can run its malicious tasks in the background. Since it is common accept permissions without considering whether the app needs themthe malware ends up executing its tricks to inject advertising into the mobile, steal bank passwords or subscribe to services premium in the web.
There are three permissions in Android that are key for malware to perform its functions against the user. They are the following.
Accessibility permission
Designed to make it easier for disabled users to access their Android, the accessibility permission has ended up becoming a malware hotbed. Google has put significant restrictions on accessibility services, but they remain sensitive.
If an app asks you for accessibility permission, be wary. It doesn’t necessarily mean that it’s unsafe, as there are options that are only available after accepting this permission, but you should have maximum control. Does the app make you unsure or does it not need additional permissions to perform its functions? Don’t give it accessibility permission. Nor any other, by the way.
Access to notifications
The malware uses this permission to Get information about one-time codes that arrive on the phone. Since giving access to notifications can tell any app what’s in the messages, it can copy the two-step confirmation keys. Then, it pastes that authorization code into a form hidden from the user’s view and the malware can authorize banking transactions or contract services on a website.
Reading SMS
Since many security codes arrive in the form of a text message, a malicious app being able to read SMS implies that can authorize banking transactions without the user realizing itThis SMS permission is deprecated in newer versions of Android, Google released an SMS API to prevent abuse.
Extra: App Overlay
You need to be very careful with applications that are superimposed on other applications, since, if given permission, malware can deploy itself on the screen invisibly, capturing what the user types on the touchpad, including passwords.
How to limit permits
We have already seen which permissions open the door to malware on Android, now it is time to review the list of applications that have requested them so that you remove access to the most dubious onesOur recommendation is clear: remove the permission from all the apps you can, even kill the apps themselves. If you don’t know what you’re using them for, throw them away.
- Go to your Android settings.
- Go to “Applications” and access “Permission Manager”.
- Go to “SMS” and check which apps are using the permission. Get rid of any that seem suspicious.
- Go back to the previous menu and enter “Device and app notifications.” The exact name may vary.
- Keep an eye on which apps can read your notifications and get rid of the more dubious ones.
- Go back again and enter “Apps with special access”.
- Go to “Show over other apps” and do the same as before: make sure that only those that really need it have the permission.
- Finally, go back to the Android main menu and go to “Accessibility.”
- You will see the apps that have requested accessibility permission and whether you have granted it (otherwise it will say “disabled”). It is vitally important that only trusted apps have access.
Cover image | Ivan Linares