Malicious keyboard attacks

    Malware targeting Android apps through a fake keyboard is a form of attack that leverages the extensive permissions often granted to keyboard applications.

    Upon installation, a fake keyboard app requests extensive permissions. Users might grant these permissions without suspicion, as keyboard apps legitimately require broad access to function properly. For example, they often need access to input text, read user input, and sometimes require network access.

    Once installed and permissions are granted, the malware can log keystrokes, which allows it to capture sensitive data like passwords and credit card information. The captured data is often transmitted back to a server controlled by the attacker.

    Defense techniques overview

    --- title: Malware malicious keyboard attacks --- graph TD all[All malware attacks] --> steal_kb click all href "/mobile-app-security-research-center/malware/overview" "Malware overview" steal_kb[Malicious keyboards] steal_kb --> secure_keyboard([Secure in-app keyboard ⭐]) style secure_keyboard fill:lightgreen click secure_keyboard href "/mobile-app-security-research-center/malware/secure-in-app-keyboard" "Secure in-app keyboard"


    Recommended defense tactics

    We recommend using a secure keyboard.


    Table of contents