Android 17 Blocks Non-Accessibility Apps from Accessibility API to Prevent Malware Abuse
"AAPM was introduced by Google in Android 16, released last year. When enabled, it causes the device to enter a heightened security state to guard against sophisticated cyber attacks. Like Apple's Lockdown Mode, the opt-in feature prioritizes security at the cost of diminished functionality and usability so as to minimize the attack surface."
"The latest restriction added to the one-tap security setting aims to prevent apps that are not classified as accessibility tools from being able to leverage the operating system's accessibility services API. Verified accessibility tools, identified by the isAccessibilityTool="true" flag, are exempted from this rule."
"While AccessibilityService has its legitimate use cases, such as assisting users with disabilities in using Android devices and apps, the API has been extensively abused by bad actors in recent years to steal sensitive data from compromised Android devices."
Google is implementing a new security restriction in Android 17 Beta 2 as part of Advanced Protection Mode (AAPM), preventing non-accessibility apps from accessing the accessibility services API. AAPM, introduced in Android 16, creates a heightened security state similar to Apple's Lockdown Mode by blocking unknown app installations, restricting USB data signaling, and mandating Google Play Protect scanning. Only verified accessibility tools like screen readers, switch-based input systems, voice tools, and Braille programs can access the API. Apps classified as antivirus software, automation tools, assistants, monitoring apps, cleaners, password managers, and launchers are excluded. While accessibility services legitimately assist users with disabilities, the API has been extensively abused by malicious actors to steal sensitive data from Android devices.
Read at The Hacker News
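
As an added illustration (not code from Google or from the article), the sketch below audits a decoded APK to see which of its accessibility services declare the `isAccessibilityTool` flag described above. The manifest and `res/xml` contents are constructed samples, the `audit` helper and its `exempt`/`restricted` labels are hypothetical, and it checks only the declared flag, not any verification performed by Google.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
BIND = "android.permission.BIND_ACCESSIBILITY_SERVICE"
NS = 'xmlns:android="http://schemas.android.com/apk/res/android"'

# Constructed sample: a decoded AndroidManifest.xml and its res/xml configs.
MANIFEST = f"""<manifest {NS} package="com.example.sample">
  <application>
    <service android:name=".ReaderService" android:permission="{BIND}">
      <meta-data android:name="android.accessibilityservice"
                 android:resource="@xml/reader"/>
    </service>
    <service android:name=".AutoClickService" android:permission="{BIND}">
      <meta-data android:name="android.accessibilityservice"
                 android:resource="@xml/autoclick"/>
    </service>
    <service android:name=".SyncService"/>
  </application>
</manifest>"""
RES_XML = {
    "reader": f'<accessibility-service {NS} android:isAccessibilityTool="true"/>',
    "autoclick": f'<accessibility-service {NS} android:canRetrieveWindowContent="true"/>',
}

def audit(manifest_xml, res_xml):
    """Map each accessibility service to 'exempt' or 'restricted' (hypothetical labels)."""
    results = {}
    for svc in ET.fromstring(manifest_xml).iter("service"):
        if svc.get(ANDROID + "permission") != BIND:
            continue  # not bound as an accessibility service
        verdict = "restricted"  # missing config or flag: treated as a non-tool
        for md in svc.iter("meta-data"):
            if md.get(ANDROID + "name") != "android.accessibilityservice":
                continue
            ref = md.get(ANDROID + "resource", "")
            cfg = res_xml.get(ref.split("/")[-1])
            if cfg is None:
                continue
            # The attribute defaults to false; a resource reference such as
            # @bool/... is not resolved here and stays 'restricted'.
            flag = ET.fromstring(cfg).get(ANDROID + "isAccessibilityTool", "false")
            if flag.lower() == "true":
                verdict = "exempt"
        results[svc.get(ANDROID + "name")] = verdict
    return results

if __name__ == "__main__":
    for name, verdict in audit(MANIFEST, RES_XML).items():
        print(f"{name}: {verdict}")
```
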