- Oblivion can silently intercept SMS, push notifications, and two-factor authentication codes
- Malware bypasses the Accessibility Service and gives attackers full control of the device without warnings
- A remote control allows hidden access while the user views fake overlays
Oblivion is a recently observed Android remote access Trojan that reportedly targets a variety of popular devices running Android 8 to 16.
Security researchers at Certo have examined the tool, which sells via subscription starting at $300, and claims to be able to work on highly customized systems from Samsung, Xiaomi and Oppo.
The package includes a builder that allows buyers to generate malicious applications with chosen names and icons, along with an eyedropper that imitates legitimate update messages.
Bypass protections and stay hidden
Instead of relying solely on technical exploits, the infection method often relies on persuading users to install apps from channels outside of official ones.
That approach is not new, although the polish of the interface shown in the demos suggests careful refinement.
Normally, Android asks users to manually approve sensitive permissions, but the malware supposedly bypasses this; However, one of the central claims surrounding Oblivion is its ability to automate permission approval, particularly through abuse of the Android Accessibility Service.
This feature was originally designed to help users with disabilities, but can grant extensive control when used incorrectly.
Once active, Oblivion can read SMS messages, intercept two-factor authentication codes, monitor push notifications, and log keystrokes in real time.
You can also launch or kill apps remotely and unlock the device using captured credentials, as a hidden remote control feature allows attackers to interact with the device through hidden sessions while the user only sees a convincing overlay of the system.
Anti-removal mechanisms reportedly block attempts to revoke permissions or uninstall the malware, and icon suppression hides its presence.
The emergence of a tool capable of bypassing built-in protections raises concerns about the durability of platform-level defenses.
Google has progressively restricted abuse of the Accessibility Service, but claims that the latest versions of Android can be bypassed suggest that loopholes remain.
Users are at greater risk by installing apps from outside the Play Store, responding to unexpected update requests, or granting Accessibility permissions unnecessarily.
Running security scans, using endpoint protection, maintaining a firewall, and periodically auditing application permissions can reduce exposure.
AI tools are increasingly involved in detection, but the availability of malware on a subscription basis lowers the barrier for attackers and expands their potential impact.
Oblivion doesn’t rely on highly technical feats; Its effectiveness comes from social engineering combined with automation.
Its commercial accessibility means that even minimally experienced attackers can gain persistent control over devices, intercept sensitive information, and manipulate applications remotely.
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
