New Android Malware Gets Under Google's Skin - Protect Yourself Now!


Recently, Google's own restrictions have made it difficult to install malware on the best Android phones. However, cybercriminals have created a new malware dropper that can bypass the security features of Android's restricted settings.

As reported by BleepingComputer and discovered by cybersecurity firm ThreatFabric, newly discovered malware droppers such as SecuriDropper give hackers a way to install a malicious payload on compromised devices. Like everything else these days, malware droppers are sold as a subscription service (dropper-as-a-service, or DaaS for short): hackers register for the service and pay a fee to use it in their attacks.

ThreatFabric also notes in a new report that droppers allow hackers to "decouple the development and execution of attacks from the installation of malware." Creating new malware droppers can be very beneficial, and instead of launching attacks against businesses and individuals to steal money, some cybercriminals now prefer to develop tools for other hackers.

SecuriDropper is particularly problematic because it can circumvent Google's Restricted Settings feature launched in Android 13. This means that malware installed using this dropper can access powerful features like Android's accessibility settings and notification listeners. Here is everything you need to know about SecuriDropper and how hackers are currently using this advanced dropper in their attacks.

Android's accessibility settings and notification listeners are two permissions that have been frequently exploited by hackers in the past. This is why Google introduced the Restricted Settings feature in Android 13, which protects users by blocking these two permissions from being approved.

For example, Android's Accessibility Settings can be exploited by hackers to capture text on smartphone screens, grant additional permissions to malware, or perform navigation operations remotely. Notification Listener, on the other hand, can be used to steal one-time passwords.

Last August, ThreatFabric created a proof-of-concept dropper to demonstrate that it is possible to circumvent Android 13's restricted settings security feature. This dropper used a session-based installation API for malicious Android package (APK) files, and some of these malicious apps were installed in multiple steps to bypass Restricted Settings.

But now, according to security researchers at ThreatFabric, SecuriDropper is doing the same thing to sideload malware onto targeted Android devices. The dropper does this by posing as a legitimate app, such as a video player, security app, or game. Once it is installed, however, it downloads a second payload, which is the actual malware.

So far, ThreatFabric has seen the SpyNote malware distributed through SecuriDropper, posing as a Google Translate app. The dropper has also been used to distribute the banking Trojan Ermac under the guise of the Chrome browser.

The easiest and simplest way to protect yourself from Android malware is to not sideload apps on your phone. While it may be convenient and tempting to download and install APK files to get new apps, it is not worth the risk.

Sideloaded apps do not undergo the rigorous security checks applied to apps downloaded from official Android app stores such as the Google Play Store, Amazon Appstore, and Samsung Galaxy Store. Of course, malicious apps occasionally slip through the cracks, but overall, it is much safer to download and install new apps from an official store than to sideload them.

If you do download a suspicious app, you can always check the permissions it has access to by going to the "Settings" menu and finding the specific app under "Apps." By selecting Permissions from this menu, you can see all of the different permissions that the app has access to and disable them if you think something fishy is going on.
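For anyone auditing a phone over adb rather than through the Settings menu, the sketch below is an added example (not from ThreatFabric or the original article) that lists apps holding accessibility or notification-listener access whose installer of record is not an app store. It parses the output of `adb shell settings get secure enabled_accessibility_services`, `adb shell settings get secure enabled_notification_listeners` and `adb shell pm list packages -i`; the store allowlist, the `com.example.*` package names and the sample output are assumptions constructed for illustration.

```python
import re

# Assumption: installer packages treated as trusted stores; adjust for your devices.
TRUSTED_INSTALLERS = {
    "com.android.vending",              # Google Play
    "com.amazon.venezia",               # Amazon Appstore
    "com.sec.android.app.samsungapps",  # Samsung Galaxy Store
}

def parse_components(value):
    """Package names from a colon-separated list of 'package/class' components."""
    value = value.strip()
    if not value or value == "null":
        return set()
    return {c.split("/", 1)[0] for c in value.split(":") if c}

def parse_installers(listing):
    """Map package -> installer of record from `pm list packages -i` output."""
    installers = {}
    for line in listing.splitlines():
        m = re.match(r"package:(\S+)\s+installer=(\S+)", line.strip())
        if m:
            installers[m.group(1)] = m.group(2)
    return installers

def audit(accessibility, listeners, listing):
    """Return (package, installer, grants) for grant holders not installed by a store."""
    installers = parse_installers(listing)
    grants = {}
    for name, value in (("accessibility", accessibility),
                        ("notification_listener", listeners)):
        for pkg in parse_components(value):
            grants.setdefault(pkg, []).append(name)
    return [(pkg, installers.get(pkg, "unknown"), grants[pkg])
            for pkg in sorted(grants)
            if installers.get(pkg, "unknown") not in TRUSTED_INSTALLERS]

# Constructed sample output, not captured from a real device.
SAMPLE_A11Y = ("com.google.android.marvin.talkback/.TalkBackService:"
               "com.example.translate/com.example.translate.HelperService")
SAMPLE_LISTENERS = "com.example.translate/com.example.translate.NotifService"
SAMPLE_PM = """package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.example.translate  installer=com.example.videoplayer
package:com.example.videoplayer  installer=null"""

if __name__ == "__main__":
    for pkg, installer, held in audit(SAMPLE_A11Y, SAMPLE_LISTENERS, SAMPLE_PM):
        print(f"{pkg}: installer={installer} grants={','.join(held)}")
```

Preinstalled system apps may report `installer=null`, so a real device can produce findings that need to be reviewed and allowlisted rather than removed.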

The best Android antivirus apps offer excellent protection against malware, but if you're on a tight budget, Google Play Protect also scans your apps, and it's free. For further protection against malicious apps, you may also want to consider the best identity theft protection services, which can help you recover from scams and regain your identity.

Malware droppers are fast becoming a lucrative business for hackers, and SecuriDropper won't be the last. However, if you are careful when installing new apps and avoid sideloading, you are less likely to get infected with nasty malware on your Android phone.
