Android Droppers Now Deliver SMS Stealers and Spyware, Not Just Banking Trojans

Cybersecurity researchers are calling attention to a new shift in the Android malware landscape where dropper apps, which are typically used to deliver banking trojans, now also distribute simpler malware such as SMS stealers and basic spyware.

The Dutch mobile security firm states that this change is driven by recent security protections that Google has piloted in select markets including Singapore, Thailand, Brazil, and India to block side-loading of potentially suspicious apps requesting dangerous permissions like SMS messages and accessibility services, a heavily abused setting for malicious actions on Android devices.

“Play Protect may display alerts about the risks, as part of a different scan, but as long as the user accepts them, the app is installed, and the payload is delivered,” ThreatFabric said. “This illustrates a critical gap: Play Protect still allows risky apps through if the user clicks Install anyway, and the malware still slips through the Pilot Program.”

To read the complete article see: The Hacker News.