Users of Android are warned that there are many dangerous apps that can be found on the Google Play Store. They can rob you, wipe our bank accounts. Security experts found out that some apps are extremely dangerous. One of them is known as DEFENSOR ID, which managed to get on the marketplace by using terrifying methods.
Experts from ESET said that the makers of the app managed to avoid the Android security checks by simply limiting the malicious surface of the app to the bare minimum. The function that remained was abusing the Accessibility Service. That’s the weakest point when it comes to Android.
Lukas Stefanko, from ESET, stated: “Accessibility Service is long known to be the Achilles’ heel of the Android operating system. Security solutions can detect it in countless combinations with other suspicious permissions and functions, or malicious functionalities – but when faced with no additional functionality nor permission, all failed to trigger any alarm on DEFENSOR ID.” They added with the fact that, by “all,” they meant that all the security mechanism which were protecting the app store and the security vendors which were part of the VirusTotal programme.
A recent study has shown that the app that gets installed on the Android device will ask for a number of permissions when it is first opened. One of them is to activate accessibility services. If you agree to this, the app will be able to read any text that’s displayed in the app and then send it to attackers. These attackers can steal login credentials and important SMS details, like the 2FA codes. Let’s not forget about online bank accounts and cryptocurrency wallets. And they can get access to social media accounts.
