Three most dangerous Android features | Kaspersky official blog
Credit to Author: Alanna Titterington| Date: Tue, 24 Oct 2023 13:03:47 +0000
Android is a well-designed operating system that gets better and more secure with each new version. However, there are several features that may put your smartphone or tablet at serious risk of infection. Today, we take a look at the three that are the most dangerous of all — and how to minimize the risks when using them.
Accessibility
Accessibility is an extremely powerful set of Android features originally designed for people with severe visual impairments. To use smartphones, they need special apps that read on-screen text aloud, and respond to voice commands and convert them into taps on UI controls.
For those with visual impairments, this function is not just useful — it’s essential. But the very modus operandi of Accessibility is to grant an app access to everything that’s going on in others. This violates the principle of strict isolation, which is a core security feature of Android.
And it’s not just tools for helping the visually impaired that take advantage of the Accessibility feature. For example, mobile antiviruses often use it to keep an eye out for anything suspicious taking place in other apps.
But every coin has a flip side. For example, malicious apps can requests permission to access this feature set too. This isn’t surprising, since such access makes it easy to spy on everything on your smartphone: read messages, steal credentials and financial data, intercept one-time transaction confirmation codes, and so on.
What’s more, access to this feature allows cybercriminals to perform user actions on the smartphone, such as tapping buttons and filling out forms. For instance, malware can fill out a transfer form in a banking app and confirm it with a one-time code from a text message, all on its own.
Therefore, before you give an app access to Accessibility, always think carefully: do you really trust its developers?
Install unknown apps
By default, only the official store app has the right to install other programs on Android. Given an unmodified version of the system, this is, of course, Google Play. But together with (or instead of) Google Play, smartphone developers often use their own — such as Huawei AppGallery or Samsung Galaxy Store. Indeed, Android is a democratic operating system with no strict limitations on app download sources. You can easily allow any app to download and install programs from anywhere. But it’s just as easy to get your smartphone infected with something nasty this way too, which is why we don’t recommend using it.
Official stores are usually the safest sources for downloading apps. Before being published in an official store, apps are subjected to security checks. And if it later transpires that malware has sneaked in, the dangerous app is quickly kicked out of the store.
Sure, even Google Play is not totally immune to malware (alas, it gets in more often than we’d like). Still, official stores at least try to keep their house in order — unlike third-party sites where malware is endemic, and the owners couldn’t care less. A case in point: attackers once even managed to infect the third-party Android app store itself.
The most important thing to remember is this: if you do decide you absolutely must download and install something on your Android smartphone not from the official app store — don’t forget to disable the ability to do so immediately after the installation. It’s also a good idea to scan your device afterward with a mobile antivirus to make sure no malware’s appeared; the free version of our Kaspersky: Antivirus & VPN will do the job just fine.
Superuser rights (rooting)
Less popular than the two features above — but by no means less dangerous — is the ability to gain superuser rights in Android. This process is popularly known as “rooting” (“root” is the name given to the superuser account in Linux).
The designation is appropriate since superuser rights give superpowers to anyone who gets them on the device. For the user, they open up the usually forbidden depths of Android. Superuser rights grant full access to the file system, network traffic, smartphone hardware, installation of any firmware, and much more.
Again, there’s a downside: if malware gets on a rooted smartphone, it too acquires superpowers. For this reason, rooting is a favored method of sophisticated spyware apps used by many government intelligence agencies — as well as cutting-edge stalkerware that’s accessible to regular users.
Therefore, we strongly discourage rooting your Android smartphone or tablet — unless you’re an expert with a clear understanding of how the operating system works.
How Android users can stay safe
Lastly, a few tips on how to stay safe:
- Be wary of apps that request access to Accessibility.
- Try to install apps only from official stores. Yes, you can come across malware there too, but it’s still much safer than using alternative sites where no one is responsible for security.
- If you do install an app from a third-party source, don’t forget to disable “Install unknown apps” immediately afterward.
- Never use rooted Android unless you fully understand how root permissions work.
- Make sure you install reliable protection on all your Android devices.
- If you use the free version of our security solution, remember to manually run a scan from time to time. In the paid version of Kaspersky: Antivirus & VPN, scanning takes place automatically.