“Accessibility Malware” puts 65% percent of old version Android devices at risk

Android is the most vulnerable OS in the world but the “Accessibility Malware” threatens 65% of the old version Android devices

An evolutionary malware, known as the “Accessibility Clickjacking”, has been discovered by SkyCure, a US-based global mobile threat Security Company, and revealed to the world at the 25^th annual RSA conference, which is the world’s biggest cyber-security event, that just ended on Friday the 4^th of March.

In their study, the company discovered that the start of the advanced mobile malware had already impacted more than half a billion Android devices globally. This very modern mobile malware had the capability to not be detected in scanner detection, which is usually based on signatures, static and dynamic analysis approaches, the company had pointed out in its report.

The “Accessibility ClickJacking” malware which had salient traits and properties was reported to be able to “circumvent numerous security applications” therefore making vulnerable all of user’s significant data stored in the unsuspecting victim’s device, the report also noted.

The malware could monitor a victim in real time, which made it possible for attackers to read victims emails and even be able to compose emails on their own via the victim’s device and in severe cases they could remotely wipe all data on device or encrypt it that the victim would not be able to use it again.

A number of functions and capabilities had been put into web browsers and web servers in order to limit the clickjacking risk, the mobile platform was still a vulnerable platform and, therefore, it showed that Android is still susceptible to similar kinds of threats.

Smartphone users of the Android operating system were advised to be careful when playing games or running applications, as hackers were able to create simple so-called “benign” games that could automatically trigger the” Accessibility ClickJacking” in the background unbeknownst to the owner of the device.

The malware could allow malicious apps to get hold of all text based sensitive information on the affected Android devices and take automated actions via other apps or even the operating system. Malicious apps include emails, text messages, data from messaging apps, and important business applications such as CRM software, marketing automation software and more. This makes Android users vulnerable to the games and applications they download.

When let inside the victim’s device, the hackers could, therefore, change passwords. However the security did mention that the malware was only active on older versions of the Android operating system accounting for 65 percent of these devices and said that there was no reason to worry for users of the latest operating systems, Lollipop and Marshmallow platforms. Anything between Android 2.2 Froyo to Android 4.4 KitKat was most likely to be affected by ClickJacking, SkyCure noted.