Security News > 2022 > August > Malware devs already bypassed Android 13's new security feature

Roid malware developers are already adjusting their tactics to bypass a new 'Restricted setting' security feature introduced by Google in the newly released Android 13.
Roid 13 was released this week, with the new operating system being rolled out to Google Pixel devices and the source code published on AOSP. As part of this release, Google attempted to cripple mobile malware that attempted to enable powerful Android permissions, such as AccessibilityService, to perform malicious, stealthy behavior in the background.
Analysts at Threat Fabric today say malware authors are already developing Android malware droppers that can bypass these restrictions and deliver payloads that enjoy high privileges on a user's device.
Researchers at ThreatFabric were able to create a proof-of-concept dropper that easily bypassed this new security feature to gain access to Accessibility Services.
In a new report released today, Threat Fabric has discovered a new Android malware dropper that is already adding new features to bypass the new Restricted setting security feature.
While following the Xenomorph Android malware campaigns, Threat Fabric discovered a new dropper still under development.
News URL
Related news
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- The XCSSET info-stealing malware is back, targeting macOS users and devs (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)
- Qualcomm pledges 8 years of security updates for Android kit using its chips (YMMV) (source)
- Vo1d malware botnet grows to 1.6 million Android TVs worldwide (source)
- Google's March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities (source)
- BadBox malware disrupted on 500K infected Android devices (source)
- North Korea’s ScarCruft Deploys KoSpy Malware, Spying on Android Users via Fake Utility Apps (source)
- New Android malware uses Microsoft’s .NET MAUI to evade detection (source)
- APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware (source)