Mumbai: The central government has issued an advisory warning citizens about sophisticated Android malware known as “Android God Mode”, which misuses accessibility permissions to gain unauthorized control over devices. The National Cybercrime Threat Analytics Unit (NCTAU) has observed a sharp rise in highly sophisticated Android malware variants, technically classified as “Android God Mode” threats. These malicious apps convincingly impersonate banking, public, and utility services. By coercing users into granting elevated Android permissions, these threats achieve near-total control over the device, enabling stealthy overlay attacks and the real-time theft of sensitive financial and personal information. At the core of this activity is the systematic abuse of android’s accessibility services, which are being exploited at scale to compromise android users.
Malware delivered via WhatsApp, phishing links
"The malicious Android (apk) file is initially delivered via phishing links or through WhatsApp as a dropper application. This dropper, which deceptively masquerades as google play services, subsequently installs the actual malware on the device. It utilizes advanced evasion tactics, including zero-length base APKs to bypass standard security detections. Upon installation, the application persistently prompts the user to enable accessibility services, often redirecting the user to the device’s Accessibility Settings under the pretext of being required for the app’s “essential” functionality. Additionally, the application manipulates user consent to set itself as the default launcher, thereby gaining further control over the device," stated the advisory.
According to the advisory, these malwares feature anti-hibernation exemptions to remain hidden and resident. These applications are designed to attempt reinstallation from device backups if uninstallation is detected. "Ensure app installations are done only through verified sources, prefer the Google Play Store or other official platforms. Ensure all suspected or related malicious applications are removed. After uninstalling, reboot the device normally and review the installed apps list again under settings. If the malicious apps reappear, perform a Factory Data Reset to fully restore the device," the advisory stated.
To get details on exclusive and budget-friendly property deals in Mumbai & surrounding regions, do visit: https://budgetproperties.in/
