Analysis of a malware exploiting Android accessibility services
Only a few tools and remediation actions are effective to neutralize the analyzed malware
PARIS — On Android and iOS, accessibility features are available to help people use their smartphones: audio comments, subtitles, custom display, etc. Some mobile applications designed with an inclusive approach are compatible with accessibility services.
To enable these services in an application, it requires the accessibility permission. But this permission gives applications full access to the user’s device. Today, more and more cybercriminals are leveraging it to take control of smartphones and tablets. When this happens, users find themselves in a bind, unable to uninstall the app or even reset their device.