Just a week after the release of the final version of Android 13, the hackers have already learned how to bypass the operating system’s new security restrictions.
According to ThreatFabric, several viruses have already been discovered that are designed to bypass the additional security measures introduced by Google. These malware are ways to ignore the ban on the use of the Accessibility Service system by ordinary applications, which was positioned as the main feature of Android 13.
Accessibility Services, as its name suggests, is an Android tool designed so that users with certain disabilities can interact with the phone. By activating this permission, the app can see, interact and collect all the data on the screen. In other words, the hacker can have full control over the phone since the original purpose is that the app can perform basic tasks that the user cannot perform.
Although with Android 13, Google imposes some limitations on Accessibility Services to partially solve the security problem. The Android 13 system now detects if an app has been installed from an app store or from outside of it. If it has been installed from outside, Android 13 prevents downloaded apps from requesting access to Accessibility Services.
Meanwhile, hackers from the “Hadoken Security” group have already created a couple of viruses that bypass protection — one of them behaves “quietly” and does not arouse suspicion.
However, it downloads a second virus that requests access to the Accessibility Service. If the user does not attach any importance to this and grants permission, then his smartphone will turn into a tool for surveillance.
Experts noted that at this stage, the detected malware has many errors in the code, which does not correspond to the level of the Hadoken Security group that was detected in the past. This means that the malware is under development, and the hackers are testing it to optimize the code.