With the arrival of Android 13 later in 2022, Google will clamp down on sideloaded apps that abuse accessibility APIs. For the unaware, accessibility APIs let developers offer assistive features such as screen readers and read-aloud functions for users with hearing or visual disabilities. The catch is that an accessibility service can observe and act on whatever is on screen, and bad actors have exploited that privilege to deliver malware and carry out other serious abuse. Take for example the MysteryBot malware, which silently logged touchscreen input to capture keystrokes in sensitive contexts such as login pages.
Malicious apps can also draw a fake overlay that mimics the legitimate login screen of a targeted app, so the credentials the user types go to the attacker rather than the real app. The Flubot malware, which made waves in 2021, sent SMS messages to victims with a link to download an app that abused accessibility access to steal login credentials for banking and cryptocurrency apps. Google has tried to curb unnecessary use of accessibility APIs by apps listed on the Play Store, but apps downloaded from third-party sources are not subject to that review, and they have proved to be an Achilles' heel for the OS.
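Until a device runs Android 13, the practical check for the abuse described above is to audit which accessibility services are enabled and whether the apps behind them came from a store or were sideloaded. The script below is an added example written for this page, not code from ScreenRant or Google. It parses the output of two stock commands, `adb shell settings get secure enabled_accessibility_services` (a colon-separated list of package/service component names) and `adb shell pm list packages -i` (one `package:<name>  installer=<pkg or null>` line per app), plus `pm list packages -s` to exclude preinstalled system apps, and flags services whose app was not installed by a trusted store. The sample command output and the trusted-installer set are constructed for the example.

```python
import re
from typing import Dict, List, NamedTuple, Set, Tuple

# Constructed sample value of:
#   adb shell settings get secure enabled_accessibility_services
# Android stores this as flattened ComponentNames separated by ':'.
ENABLED_SERVICES = (
    "com.google.android.marvin.talkback/"
    "com.google.android.marvin.talkback.TalkBackService:"
    "com.example.flashlight/com.example.flashlight.HelperService:"
    "com.example.docreader/.ReaderAccessibilityService"
)

# Constructed sample output of: adb shell pm list packages -i
PM_LIST_I_OUTPUT = """\
package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.example.flashlight  installer=null
package:com.example.docreader  installer=com.android.packageinstaller
package:com.android.settings  installer=null
"""

# Constructed sample output of: adb shell pm list packages -s
# (preinstalled system apps, which also report installer=null)
PM_LIST_S_OUTPUT = """\
package:com.android.settings
package:com.google.android.marvin.talkback
"""

# Assumed trusted store installers for this example. The stock
# com.android.packageinstaller (APK opened from a browser or file
# manager) and 'null' are deliberately NOT trusted: those are sideloads.
TRUSTED_INSTALLERS: Set[str] = {"com.android.vending"}


class Finding(NamedTuple):
    package: str
    service: str
    installer: str
    sideloaded: bool


def parse_enabled_services(value: str) -> List[Tuple[str, str]]:
    """Split the secure setting into (package, service class) pairs.

    A class part starting with '.' is shorthand relative to the package,
    as in AndroidManifest component names.
    """
    pairs = []
    for component in filter(None, value.strip().split(":")):
        pkg, _, cls = component.partition("/")
        if cls.startswith("."):
            cls = pkg + cls
        pairs.append((pkg, cls))
    return pairs


def parse_installers(pm_output: str) -> Dict[str, str]:
    """Map package name -> installer package from 'pm list packages -i'."""
    installers = {}
    for line in pm_output.splitlines():
        m = re.match(r"package:(\S+)\s+installer=(\S+)", line)
        if m:
            installers[m.group(1)] = m.group(2)
    return installers


def parse_package_list(pm_output: str) -> Set[str]:
    """Collect package names from plain 'pm list packages' style output."""
    return {
        line.split(":", 1)[1].strip()
        for line in pm_output.splitlines()
        if line.startswith("package:")
    }


def audit(enabled: str, pm_i: str, pm_s: str,
          trusted: Set[str] = TRUSTED_INSTALLERS) -> List[Finding]:
    """Flag enabled accessibility services that belong to sideloaded apps."""
    installers = parse_installers(pm_i)
    system_pkgs = parse_package_list(pm_s)
    findings = []
    for pkg, cls in parse_enabled_services(enabled):
        installer = installers.get(pkg, "unknown")
        sideloaded = pkg not in system_pkgs and installer not in trusted
        findings.append(Finding(pkg, cls, installer, sideloaded))
    return findings


def sideloaded_services(enabled: str = ENABLED_SERVICES,
                        pm_i: str = PM_LIST_I_OUTPUT,
                        pm_s: str = PM_LIST_S_OUTPUT) -> List[str]:
    """Package names of sideloaded apps with an accessibility service enabled."""
    return [f.package for f in audit(enabled, pm_i, pm_s) if f.sideloaded]


if __name__ == "__main__":
    for f in audit(ENABLED_SERVICES, PM_LIST_I_OUTPUT, PM_LIST_S_OUTPUT):
        tag = "SIDELOADED" if f.sideloaded else "store/system"
        print(f"[{tag:12}] {f.package}  {f.service}  installer={f.installer}")
```

On a real device, feed the script the live output of the three commands over `adb`. An installer value of `null` on a non-system app and the stock `com.android.packageinstaller` are the two signatures of a sideload; a managed enterprise store would be added to the trusted set. An enabled service from a sideloaded app is not proof of malware, but it is exactly the combination the article says Android 13 will block by default.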
That is about to change with Android 13. Following the release of Android 13's first public beta, Esper's Mishaal Rahman dug into the updated app settings and found a system-level restriction that blocks accessibility access for sideloaded apps. Android has long let users manually grant accessibility access to any app from Settings, but the upcoming OS update may disable that manual toggle for apps installed outside an app store. Instead, users will see an error message that says "for your security, this setting is currently
Read more on screenrant.com