New Tool Detects Malware Exploiting Smartphone Accessibility Features

Researchers at Georgia Tech recently announced that they have created a new tool called Detector of Victim-specific Accessibility (DVa) to fight malware that takes advantage of smartphone accessibility features.

While tools like screen readers and voice-to-text help people with disabilities, they also make phones easier targets for hackers.

Malware can exploit these features to read screens, access important apps, and block removal attempts. This can result in severe consequences, such as unauthorized bank transfers or the exposure of sensitive information in cryptocurrency apps.

DVa works in the cloud to scan smartphones for malware and sends users a report of its findings. It tells users which apps are harmful, how to delete them, and alerts them about potential damages.

The tool also reports its findings to Google, helping the company remove harmful apps from the Play Store.

Brendan Saltaformaggio, an associate professor at Georgia Tech, stressed the importance of having security experts involved when designing accessible technology. He warned that without their input, these tools could be misused by hackers.

To test DVa, the research team worked with Netskope, a cloud security company, and installed malware samples on Google Pixel phones to see how it affected the system.

While DVa can identify many current malware threats, researchers noted that balancing security with accessibility remains tricky. DVa has some limitations.

It relies on specific functions defined by accessibility tools, which means it might miss malware that uses clever tricks to exploit those functions.

Additionally, while DVa tries to adapt to known threats, it can struggle when malware uses complicated behaviors or new evasion tactics. These challenges could prevent DVa from detecting certain types of malware.

Ken Xu, a Ph.D. student of the project, highlighted the need to differentiate between safe and harmful uses of accessibility services. Despite these challenges, researchers are hopeful that DVa can improve and help keep accessible technology safe in the future.