Android Malware Uses Social Engineering to Enable Automatic App Installation
According to “tripwire”, security researchers have spotted a type of malware that uses social engineering to trick users into enabling it to automatically install apps on their Android devices.
Michael Bentley, the head of research and response at mobile cybersecurity firm Lookout, has published a blog post in which he explains how a so-called “trojanized adware” known as Shedun attempts to assume control of the Android Accessibility Service, a service which is designed to provide users with alternate ways of interacting with their mobile devices.
The malware tries to trick users with the message that by turning on “accessibilit features.
Once Shedun has assumed control of the Accessibility Service, it can then install whichever apps it wants with little-to-no user interaction and engage in “aggressive advertising”.
The malware is one of three app families–Shedun, Shuanet, and ShiftyBug–that masquerades as legitimate apps, such as Facebook and Candy Crush, on third-party Android app stores. If a user installs one of these apps, Shedun or one of the other malware will root the device and install itself as a system application, thereby making it very difficult for victims to uninstall.
As Ars Technica warns, users should be cautious when installing apps from third-party stores and should be suspicious of any apps that attempt to gain control of the Accessibility Service.