Getting infected with malware is not an isolated risk if you usually download apps as APK files, even if you install them via Google Play. And there are three permissions you should pay special attention to because they are essential to evade malware: access to SMS, accessibility and reading of notifications.
Unfortunately for those of us who use Google’s operating system, suffering from the inconveniences of malware is more common for us than for iPhone owners. And not because the system is more vulnerable, but because it has two characteristics that make said Android more attractive to attackers: the mobile phone market is huge (there are more possibilities to find a mobile phone to attack) and has more doors through which to access devices.
Android has more access points to devices
The differences between the systems are not so exaggerated at the user level, since both behave very similarly, most of the important applications are common to both Android and iOS They were copying each other from the beginning. Yes, they clearly differ in their permissiveness: Android offers more installation options to the user, iOS restricts the installation of applications to the App Store. Even despite the recent opening in Europe.
While it is possible to get infected with malware on iPhone, the most common malware news is associated with Android.
Google has closed the system over the years by splitting the generic APIs into restrict access to very specific parts of the systemthose that are more delicate because of the information they handle. However, there are some permissions that, due to the particular needs of certain uses, do not allow a complete closure to be applied. Access management is the responsibility of the owner of the Android device.
Every time you download an app from Google Play, or install it in APK format, This is associated with a series of permissionsthe accesses that the application has opened by default. There are other permissions that the application must ask the user for, this is where we must be especially careful.
Accessibility, SMS and notifications, the three key permissions
Accessibility permission requested by malware installed in APK
Malware usually disguises itself as a regular application that, after being installed, asks the user for permissions in order to run its malicious tasks in the background. Since it is common accept permissions whether the app needs them or notThe malware eventually executes its tricks to inject advertising into the mobile, steal banking passwords or subscribe to services prime on the Web.
There are three permissions in Android that are essential for malware to perform its functions against the user. They are as follows.
Accessibility Authorization
Designed to make it easier for users with limited access to their Android, the Accessibility permission has ultimately become a breeding ground for malware. Google has imposed some notable restrictions on Accessibility services, but they remain sensitive.
If an app asks for an accessibility permission, be wary. It doesn’t have to be dangerous, as some options are only available after you accept this permission, but you should have maximum control. That the app doesn’t offer you security or doesn’t need additional permissions to perform its functions? Do not grant accessibility permission. Nor any other for that matter.
Access to notifications
Malware uses this permission to get information about one-time codes that arrive on the phone. Since by giving you access to notifications, any app can know what’s in the messages, this allows you to copy the two-step confirmation keys. Then paste this authorization code into a form hidden from the user’s view and the malware can authorize banking operations to contract services on a website.
Reading SMS
Since many security codes arrive in the form of a text message, the fact that a malicious app is able to read SMS messages means that can authorize banking transactions without the user realizing it. This SMS permission is deprecated in newer versions of Android, Google has released an SMS API to prevent abuse.
Bonus: App Overlay
You should be very careful with apps that overlap with others, because if you have permission, the malware can appear on the screen invisibly, capturing what the user types on the touchscreen, including passwords.
How to terminate permissions
We have already seen which permissions open the door to malware on Android, now it is time to review the list of applications that have requested them so that remove access to the most dubious. Our recommendation is clear: remove permissions in all apps you can, or even delete the apps themselves. If you don’t know what you’re using it for, throw it away.
- Enter your Android settings.
- Go to “Applications” and navigate to “Permission Manager”.
- Go to “SMS” and check which apps are using the permission. End with the ones that seem suspicious to you.
- Go back to the previous menu and enter “Device and app notifications”. The specific name may vary.
- Monitor which apps can read notifications and eliminate the most questionable ones.
- Go back and enter “Applications with special access”.
- Go to “Show on other apps” and as before: check that only those that really need it have permission.
- Finally, go back to the Android general menu and enter “Accessibility”.
- You will see which apps have requested accessibility permission and whether you have granted it (otherwise a “disabled” message appears). It is extremely important that only trusted apps have access to this.
Cover image | Ivan Linares
In Xataka Android | WhatsApp loves scams. Here’s how this dangerous scam that can empty your bank account works
In Xataka Android | How to Fix WiFi Connection Problems on Android Mobile
Table of Contents
