Skip to main content

New Malware, Accessibility Clickjacking, affects 65% of Android devices

google android one u s stock phone smartphone
Image used with permission by copyright holder
In our mobile-first digital age, we operate under the assumption that our smartphones are safe — the alternative is simply too terrifying to consider, especially considering the vast amount of information and personal data contained on these devices. But the time for ignorance has long since passed, and at the RSA conference in San Francisco this past week, mobile security company Skycure co-founders Adi Sharabani and Yair Amit revealed that a new kind of malware puts a stunning 500,000,000 Android phones at risk. That’s the equivalent of 65 percent of Android devices on the market today.

The issue of malware on Android devices is nothing new, but this latest form may be the most insidious. Known as “accessibility clickjacking,” it effectively cedes control of your phone to a malicious hacker.

Recommended Videos

As Skycure explains, “Clickjacking is a term for a malicious UI redressing technique that tricks a victim into clicking on an element that is different than the one the victim believes to be clicking on.” In essence, “malicious websites” appear with what seem to be harmless webpages, but these sites are in fact overlayed with another attacked service. And Skycure notes, “Clickjacking is not a theoretical threat — just a month ago, a ransomware named Android.Lockdroid.E that utilized Android Clickjacking to gain Admin rights was found by Symantec.”

Please enable Javascript to view this content

So just what is the extent of the damage made possible by way of this new malware? Experts claim that clickjacking could give hackers access to “all text-based sensitive information on an infected Android device, as well as take automated actions via other apps or the operating system, without the victim’s consent.” This includes emails, text messages, messaging app data, information from CRM apps, and much more.

The worst part, perhaps, is the sheer number of users who may be susceptible to this sort of attack. If you’re running anything from Android 2.2 Froyo to Android 4.4 KitKat on your phone, you could fall victim to clickjacking. So upgrade to Lollipop or above ASAP, and protect yourself from the latest in malware.

Lulu Chang
Former Digital Trends Contributor
Fascinated by the effects of technology on human interaction, Lulu believes that if her parents can use your new app…
This new Android phone looks like a photographer’s dream
Sharp Aquos R9 Pro

Sharp has announced an intriguing new phone aimed at mobile photographers. It's called the Sharp Aquos R9 Pro, and while it may not have the best name, there's a lot to talk about here.

The Aquos R9 Pro has many interesting features, starting with its gigantic camera bump on the back, which houses three powerful cameras: a 50.3-megapixel primary camera, a 50.3MP telephoto camera, and a 50.3MP ultrawide camera. The cameras are surrounded by a vegan leather backplate.

Read more
Android 15 is now rolling out to Pixels. Here’s what’s new
Android 15 logo on a Google Pixel 8.

The wait for a next-generation Android experience is finally over. Google today released the public version of Android 15, and it is now making its way to compatible phones, starting with the company’s Pixel series of smartphones.

Among the key areas where Android 15 brings the biggest set of upgrades are safety and privacy. To that end, users will soon be able to create a safe space for all their sensitive apps, locked behind their device’s local password or biometric layer.

Read more
The Samsung Galaxy A16 sets a new record for budget Android phones
Galaxy A16 banner Samsung.

We've known that Samsung's next lineup of budget phones was on the way, especially after all of the information that leaked last week. Now, we have confirmation on several elements of the phone, but the most important of them all is the incredible (and unheard of) six years of security patches the Galaxy A16 5G will receive from launch. That means it will be fully up to date until October 31, 2030.

We reported on this possibility a couple of weeks ago, but now it's confirmed — and that's a big deal. Many budget phones only receive two years of security patches post-launch. The Galaxy A16 5G's six years of support puts it only one year behind Samsung's flagship models in the Galaxy S24 series. For a phone as cheap as the Galaxy A16, that's incredible.

Read more