Security News > 2023 > November > New SecuriDropper Malware Bypasses Android 13 Restrictions, Disguised as Legitimate Applications

A new malware is bypassing an Android 13 security measure that restricts permissions to apps downloaded out of the legitimate Google Play Store.

A new report from ThreatFabric, a fraud protection company, exposes SecuriDropper malware, which is capable of bypassing Android 13 restricted settings.

The SecuriDropper malware uses the same installation method as legitimate software from the legitimate Google Play Store.

Once permissions are given, the malware checks if it already exists on the device; if it does, the malware runs, and if it doesn't, the malware shows the user a message telling them something went wrong and the user needs to click a reinstall button.

Figure A. The malware has been observed disguising itself as various Android applications such as Google Apps or Android updates, video players, security applications or games, followed by email clients, adult content, music players and other apps.

Its installation via SecuriDropper enables the SpyNote malware to keep infecting devices, even on Android 13, without needing to change its code.

News URL

https://www.techrepublic.com/article/securidropper-malware-bypasses-android-13-restrictions/