News broke over the weekend that Google was instructing Android developers that don’t use Accessibility Services for its intended purpose to strip away that functionality from apps. It has now surfaced that this change is related to a “toast overlay” attack that tricks users into installing malware by masking parts of the interface.

According to TrendMicro, malicious applications can superimpose “images over other apps and certain parts of the device’s controls and settings.” The intended goal is to trick users into installing malware and other nefarious payloads to permit auto-updating.

An image of a seemingly benign “OK” or “Continue Installation” icon, for instance, can be displayed over a hidden button that will surreptitiously grant it device privileges. It can also be used to install a malicious information-stealing app—or even hijack the screen and lock the user out ala ransomware.

The security firm found several apps that took advantage of this vulnerability on the Play Store, with Google removing them after being informed.

One app taking advantage of this vulnerability had 500,000 installs as of last week. Since removed, “Smart AppLocker” enabled “ad-clicking, app-installing and self-protecting/persistence capabilities.”

All versions of Android, save for 8.0 Oreo, are affected, though Google released a patch with the September Security Bulletin. Meanwhile, many apps, like Action Launcher, are updating their apps to remove their various uses of the Accessibility Services.

Check out 9to5Google on YouTube for more news:

FTC: We use income earning auto affiliate links. More.

Check out 9to5Google on YouTube for more news:

You’re reading 9to5Google — experts who break news about Google and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Google on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

About the Author

Abner Li

Editor-in-chief. Interested in the minutiae of Google and Alphabet. Tips/talk: