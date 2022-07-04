Being infected with malicious software is not an isolated risk if you are used to downloading applications in the form of APK files, even if you install them through Google Play. And there are three permissions that you should pay close attention to as they are essential for most to infect you: access to SMS, accessibility and reading notifications.

Unfortunately for those of us who use Google’s operating system, suffering from the inconvenience of malicious software is more common for us than for iPhone owners. And not because the system is more vulnerable, but it does have two characteristics that make more attractive to attackers: the number of mobile phones is gigantic (there are more possibilities of finding a mobile to attack) and has more s through which to access the devices.

Android has more gateways to devices

The differences between systems are not so exaggerated at the user level since both behave in a very similar way, most of the important applications are common and both Android and iOS they have been copying each other since they began their journey more than thirteen years ago. Yes, they are clearly distinguished in permissiveness: Android offers more installation options to the user, iOS restricts the installation of applications to the App Store.

Although it is possible to get infected with malware on iPhone, the most common is that news related to malicious software remains associated with its opponent. Google has been closing the system over the years by dint of dividing generic APIs for restrict access to very specific portions of the system, those that are more delicate due to the information they handle. Even so, there are certain permissions that, due to the particular needs of some uses, do not allow a complete closure to be applied to them. Access management rests with the owner of the Android device.

Every time you download an application from Google Play, or install it in APK format, it has a series of permissions associated with it, some accesses that the application has open by default. There are other permissions that the app must request from the user, it is precisely here that we must be especially careful.

Accessibility, SMS and notifications, the three key permissions

Accessibility permission requested by malware installed in APK

Malware is often disguised as an ordinary application that, after being installed, asks the user for permissions in order to run its malicious tasks in the background. Since it is usual accept the permissions regardless of whether the application really needs them or notthe malware ends up executing its arts in order to inject advertising into the mobile, steal bank passwords or subscribe to services premium in the web.

There are three permissions in Android that are key for malware to perform its functions against the user. They are the following.

accessibility permission

Designed to make it easier for users with difficulties to access their Android, the accessibility permission has ended up becoming a malware sieve. Google plans to fix this issue by cutting off access in Android 13, but not yet available for most users.

If an application asks you for accessibility permission, be suspicious. It does not have to be insecure since there are options that are only available after accepting this permission, but you do have to have maximum control. That the app does not awaken security or in principle does not need added permissions to perform its functions? Do not give accessibility permission.

Access to notifications

The malware uses this permission to obtain information on the one-time codes that arrive on the phone. Since giving you access to notifications allows any app to know what’s in messages, this allows you to copy the confirmation keys that reach those applications configured with two-factor authentication. Then it pastes that authorization code in a form hidden from the user’s view and the malware can authorize banking operations to contract services on a website.

SMS reading

As many security codes arrive in the form of a text message, the fact that a malicious app is able to read SMS means that can authorize banking operations without the user realizing it. This SMS permission is deprecated within newer versions of Android.

Extra: app overlay

You have to be very careful with applications that overlap others because, if you have permission, the malware can be displayed on the screen invisibly, capturing what the user types on the touch panel, including passwords.

How to curb permits

We have already seen what permissions open the door to malware on Android, now it’s time to review the list of applications that have requested them so that remove access to the most dubious. Our recommendation is clear: remove the permission in all the applications you can, even kill the apps themselves. If you don’t know what you’re using it for, throw it away.

Enter the settings of your Android.

Go to “Applications” and access the “Permission Manager”.

Go into “SMS” and check which apps use the permission. Get rid of those that seem doubtful to you.

Go back to the previous menu and enter “Device and app notifications”. The exact name may vary.

Watch which apps can read the notifications and eliminate the most doubtful ones.

Go back again and go to “Applications with special access”.

Go to “Show above other applications” and the same as before: check that only those that really need it have the permission.