New advisory warns of sophisticated Android malware granting near-total device control, urging users to avoid suspicious downloads, limit permissions, and adopt stronger security practices as cybercriminals increasingly exploit human behaviour over system vulnerabilities.
The Government of India has issued a cybersecurity alert warning of a new Android malware threat, dubbed “God Mode,” that is targeting smartphone users across the country. The advisory, released by the National Cybercrime Threat Analytics Unit, highlights the growing sophistication of cyberattacks that allow attackers to gain near-complete control over infected devices.
How the malware operates
According to the advisory, the malware spreads through phishing links or messages, often delivered via platforms like WhatsApp, prompting users to download malicious APK files. These files are typically disguised as legitimate applications, such as banking tools or system updates. Once installed, the malware aggressively seeks Accessibility permissions, which provide it with extensive control over the device.
With these permissions, the malicious app can monitor screen activity, read messages including one-time passwords, and simulate user actions such as taps and approvals. It can also modify system settings, set itself as the default launcher, and operate silently in the background, making detection difficult.
Risks and preventive measures
The advisory warns that compromised devices can expose sensitive data, including banking credentials, contacts, and personal information. Attackers may intercept SMS messages, enable call forwarding, overlay fake interfaces on financial apps, and even access the device’s camera without user knowledge.
To mitigate risks, users are advised to download apps only from trusted platforms like the Google Play Store and avoid installing APK files from unknown sources. Authorities also recommend reviewing app permissions regularly, especially Accessibility settings, and checking device administrator privileges. In case of suspicion, users should boot devices in Safe Mode, remove suspicious apps, and consider a factory reset.
The government has also urged affected users to report incidents via the cybercrime helpline 1930 or the official portal. The advisory underscores a broader shift in cyber threats, where attackers increasingly rely on social engineering to gain control, making user awareness a critical line of defence.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
