Android Malware Hijacks Accessibility Service

A sophisticated Android Remote Access Trojan named Oblivion is reportedly targeting devices running Android 8 through 16. Security researchers have examined this malware, which is available on a subscription basis starting at $300. Oblivion is designed to bypass standard Android protections by abusing the Accessibility Service.

This service, intended for users with disabilities, can grant extensive permissions when misused. Oblivion leverages this to silently intercept SMS messages, push notifications, and two-factor authentication codes. It can also log keystrokes and remotely launch or uninstall applications.

Attackers gain full device control through a hidden remote control feature. This allows them to interact with the device via concealed sessions, while the user is presented with convincing fake system overlays. The malware also includes anti-removal mechanisms, making it difficult to revoke permissions or uninstall.

While Google has worked to restrict Accessibility Service abuse, Oblivion's alleged ability to bypass newer Android versions suggests ongoing security gaps. Users are most vulnerable when installing apps from outside official stores or granting unnecessary permissions. Regular security scans and auditing app permissions are recommended defenses.