Security News > 2022 > August > Malware devs already bypassed Android 13's new security feature
Roid malware developers are already adjusting their tactics to bypass a new 'Restricted setting' security feature introduced by Google in the newly released Android 13.
Roid 13 was released this week, with the new operating system being rolled out to Google Pixel devices and the source code published on AOSP. As part of this release, Google attempted to cripple mobile malware that attempted to enable powerful Android permissions, such as AccessibilityService, to perform malicious, stealthy behavior in the background.
Analysts at Threat Fabric today say malware authors are already developing Android malware droppers that can bypass these restrictions and deliver payloads that enjoy high privileges on a user's device.
Researchers at ThreatFabric were able to create a proof-of-concept dropper that easily bypassed this new security feature to gain access to Accessibility Services.
In a new report released today, Threat Fabric has discovered a new Android malware dropper that is already adding new features to bypass the new Restricted setting security feature.
While following the Xenomorph Android malware campaigns, Threat Fabric discovered a new dropper still under development.
News URL
Related news
- Vultur banking malware for Android poses as McAfee Security app (source)
- PixPirate Android malware uses new tactic to hide on phones (source)
- GitHub Launches AI-Powered Autofix Tool to Assist Devs in Patching Security Flaws (source)
- Drozer: Open-source Android security assessment framework (source)
- AI hallucinates software packages and devs download them – even if potentially poisoned with malware (source)
- Winnti's new UNAPIMON tool hides malware from security software (source)
- SoumniBot malware exploits Android bugs to evade detection (source)