It’s not a new thing to come across adware in Android. But the case becomes really alarming when the adware is busy installing random apps to your smartphone without even asking you. Well, that’s what a new adware does. The newly found Android adware targets a bug in the way accessibility features are handled in the OS. Even if the user cancels the installation, the adware goes ahead and installs those apps without the user’s permission.
Known as Shedun, the malware downloads unnecessary and tries to exploit a bug in Android through which it can interact with the device in different ways. According to the reports by security firm Lookout, Shedun is the third adware reported this month, and belongs to the same family as the other two adwares, that have been dubbed Shaunet and Kemoge. These malwares root the device they are on and install malicious apps apart from serving ads. More than 20,000 well-known Android apps that were hosted on unofficial sites have been affected.
Shedun smartly makes the user grant it the permission for using the accessibility service. As a result, the adware can read the on-screen text and scroll through the list of permissions, finally hitting the install button automatically without the interaction of the user. Also, even if the user closes the pop-up ads, the apps get installed automatically. The main intention behind the makers of this adware is to increase their revenue by providing guaranteed installation to the clients.
Lookout expects more such malware to pop up in the future. Meanwhile, it is really alarming to see how Android is still so vulnerable in terms of security.