New Android Adware Can Download, Install Apps Without Permission: Report

Advertisement
By Manish Singh | Updated: 23 November 2015 16:20 IST

An adware family has been found to be capable of automatically installing apps on Android devices, targeting a flaw in the way Google's mobile operating system handles accessibility features, a report has found. The adware reportedly installs apps even if a user has cancelled the installation.

Dubbed Shedun, the Android malware has been found to download unwanted apps as well as exploit a vulnerability in Android that makes it possible for the malware to find alternative ways to interact with the infected device, security firm Lookout reports. Shedun is one of the three adware programs Lookout had reported earlier this month. Shedun, Kemoge, and Shaunet are part of the same Android adware family that root infected device to install malicious apps and serve ads. These adware programs have reportedly affected more than 20,000 popular Android apps via unofficial channels. Their official Google Play counterparts were not affected, the firm had added.

Advertisement

But it appears Shedun is capable of doing much more than initially anticipated. The adware attempts to fool users into enabling accessibility features because they are allegedly needed by a utility to help stop inactive apps. To gain a user's trust, the app notes that the notification is a "standard privacy risk reminder."

"By gaining the permission to use the accessibility service, Shedun is able to read the text that appears on screen, determine if an application installation prompt is shown, scroll through the permission list, and finally, press the install button without any physical interaction from the user," wrote Michael Bentley, head of research and response at Lookout in a blog post.

Advertisement

Once a user enables the accessibility feature, Shedun displays a pop-up ad for an app. This is where it gets trickier. Even if a user closes the pop-up, the app is downloaded and installed. This happens because any app with access to accessibility features can determine the text on the screen and scroll through the permissions list and initiate the installation without any interaction from the user. The culprits behind it have likely partnered with clients to guarantee them 100 percent ad display and installation.

"Shedun likely uses this technique in order to increase its revenue by guaranteeing the installation and execution of advertised applications. After all, marketing companies pay more money for advertising campaigns where the user actually interacts with the application after downloading it instead of simply downloading and forgetting about it," Lookout explained in a blog post.

Advertisement

The security firm expects to see more such malware in future. The state of security on Google's Android platform continues to remain alarming.

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. Airtel Unlimited 5G Data Subscribers Reportedly Cannot Share 5G Data via Mobile Hotspot
  2. Oppo K15 Launch Date Confirmed; Key Specifications Revealed Ahead of Debut
  3. Lava Virat V1 5G, Virat V1 Key Specifications Confirmed Before India Launch
  4. Here's How Much the iQOO Z11 Lite Could Cost in India
  5. Here's When the Poco M8 Power, Poco X8 Could Launch in India
  6. OnePlus Exits US, Europe, Continues Operations in India: 5 Things to Know
  7. Redmi Note 17 Pro Global Variant Appears on NBD Database Alongside Poco Model
  1. Redmi Note 17 Pro Global Variant Reportedly Appears on NBD Database Alongside Poco Model
  2. Google Pixel 11a Codename Reportedly Spotted in Phone App
  3. Huawei Mate XT 2 Leaked Patent Reveals New Tri-Fold Design and Folding Mechanism
  4. Airtel Unlimited 5G Data Subscribers Reportedly Cannot Share 5G Data via Mobile Hotspot: Here's What We Know So Far
  5. Lenovo Legion C700 Teased as a Cloud Gaming Handheld Ahead of August Launch
  6. Marvel's Wolverine Gets New Trailer That Will Play Ahead of Christopher Nolan's The Odyssey in Select Theatres
  7. Airtel Quietly Removes Rs. 549 Individual Postpaid Plan in India; Rs. 699 Plan Becomes Next Upgrade
  8. Poco M8 Power, Poco X8 India Launch Timeline Tipped; Could Arrive as Rebranded Redmi Note 17 Series
  9. Samsung Galaxy S25 Series Could Get Galaxy S26’s Horizontal Lock Camera Feature With One UI 9 Update
  10. Asus Pad India Launch Date Announced as Company Reveals Key Specifications
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.