Android 14 is introducing an important security feature that authenticator apps can use to block malware from stealing your 2FA codes, like how the “Cerberus” banking trojan and “Nexus” malware were caught snooping on Google Authenticator. Here’s what you should know.
The Accessibility API lets apps read the contents of the screen and perform inputs on behalf of the user. It’s intended for screen readers and alternative input systems, but it’s open to any app. Malware authors love abusing this API.
Well-known malware like Cerberus and Nexus have been reported to use Accessibility to read 2FA codes from Google Authenticator. Currently, if an app’s malicious Accessibility Service is enabled, there’s nothing stopping them from doing that.
In Android 14, though, apps can set an attribute to prevent non-accessibility tools from interacting with important Views. Google Authenticator eg. can ensure that only accessibility tools can read 2FA codes.
For more information on this new #Android14 security feature, include a video that shows how it can block malware from reading your 2FA codes.