Android 13 Puts A Lid On Malicious Apps That Abuse Accessibility Access

With the arrival of Android 13 later in 2022, Google will clamp down on spammy sideloaded apps that abuse accessibility APIs. For the unaware, accessibility APIs allow developers to offer assistive features such as screen readers and read-aloud functions to help users with hearing or visual disabilities. However, bad actors have exploited Android’s accessibility privilege to seed malware and execute other serious nuisances. Take for example the MysteryBot malware, which secretly monitored touchscreen input for keylogging, allowing it to record keystrokes in sensitive scenarios such as login pages.
Malicious apps can also present a fake HTML overlay that looks like a …