Abuse Device Administrator Access to Prevent Removal
A malicious application can request Device Administrator privileges. If the user grants the privileges, the application can take steps to make its removal more difficult.
It is rare for applications to utilize Device Administrator access. App vetting can detect apps that do so, and those apps should be closely scrutinized. A static analysis approach can be used to identify ransomware apps including apps that abuse Device Administrator access.
|Caution with Device Administrator Access|
|Use Recent OS Version||
Changes were made in Android 7 to help prevent use of this technique.
The device user can view a list of apps with Device Administrator privilege in the device settings.
- Adrian Ludwig. (2016, May 19). What's new in Android security (M and N Version). Retrieved December 9, 2016.
- Federico Maggi and Stefano Zanero. (2016). Pocket-Sized Badness - Why Ransomware Comes as a Plot Twist in the Cat-Mouse Game. Retrieved December 21, 2016.
- Proofpoint. (2017, November 3). Credential phishing and an Android banking Trojan combine in Austrian mobile attacks. Retrieved July 6, 2018.