SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image

Appdome unveils advanced Anti-Malware protections against Android accessibility service threats

Appdome, a leader in mobile application security, has announced its new anti-malware protections designed to detect Android Accessibility Service Malware. The protection targets threats such as Xenomorph, Brasdex, Octo, Sharkbot, Flubot, TeaBot, PixPirate, Sova, Spynote, and Joker. These are malicious software used in large scale attacks on mobile banking apps, crypto wallets, and other financial services apps.

Despite being created as an Android framework to aid disabled users with their mobile applications, Android's Accessibility Service has quickly turned into a playground for fraudsters. Abusive individuals carry out cyberattacks by deploying malware that connects through Accessibility Service into sensitive applications, like banking and mCommerce platforms.

Appdome's CEO Tom Tovar, shed light on the severity of the issue, saying, "Once the Accessibility Malware is on a user's device, it can listen, collect, intercept and manipulate Android Accessibility Service events to perform harmful actions without the user's knowledge." Fraudsters often mimic human actions within the mobile app, such as harvesting login credentials and completing transactions. Advanced variants like BrasDex and Xenomorph even employ Automated Transfer Systems (ATS) malware, capable of executing end-to-end transactions without a user's active involvement.

The overall threat this malware poses led to the development of the new defense, explained Tovar. "This is a difficult problem to solve. To support the community, we created a defence that allows legitimate use of Accessibility Service, while at the same time prevents ATS malware from using Accessibility Service for nefarious purposes."

Appdome's new Prevent Accessibility Malware feature includes numerous protective measures. These involve multiple detection methods for ATS Malware, detection of potential methods used by ATS Malware in the context of Accessibility Service, and setting Trusted Accessibility Services. This way, brands can recommend trustworthy Accessibility Service applications to users. To further bolster these measures, Appdome also included an Accessibility Service Consent feature that allows users to approve specific Accessibility Services applications for use with their apps.

Richard Stiennon, Chief Research Analyst of IT-Harvest, supports the necessity for such a solution, stating, "In this age of digitisation, we have to provide safe and secure mobile application experiences for all mobile end users. The Android Accessibility Malware attack vector is one such case that demands an extra layer of defense."

Appdome's Cyber Defense Automation platform enables developers and cybersecurity teams to seamlessly build in protections against Accessibility Service Malware into any mobile app. This eliminates manual coding and simplifies the Defense Automation process. This comprehensive security approach underlines Appdome's ongoing commitment to providing safer mobile app experiences for all users, the best defence against threatening malware."

Follow us on: