Senses

Uninstall Malicious Application · SynAc

TERM

Uninstall Malicious Application

Adversaries may include functionality in malware that uninstalls the malicious application from the device. This can be achieved by:

Updated

Jan 06, 2026

Senses

Sense 1

Adversaries may include functionality in malware that uninstalls the malicious application from the device. This can be achieved by: Abusing device owner permissions to perform silent uninstallation using device owner API calls. Abusing root permissions to delete files from the filesystem. Abusing the accessibility service. This requires sending an intent to the system to request uninstallation, and then abusing the accessibility service to click the proper places on the screen to confirm uninstallation.

Adversaries may include functionality in malware that uninstalls the malicious application from the device. This can be achieved by:

Abusing device owner permissions to perform silent uninstallation using device owner API calls.
Abusing root permissions to delete files from the filesystem.
Abusing the accessibility service. This requires sending an intent to the system to request uninstallation, and then abusing the accessibility service to click the proper places on the screen to confirm uninstallation.

MITRE ATT&CK (Mobile, CTI STIX Data)

Bibliography

MITRE ATT&CK (Mobile, CTI STIX Data)
Accessed Jan 06, 2026Quoted
MITRE ATT&CK CTI (STIX bundle)
https://raw.githubusercontent.com/mitre-attack/attack-stix-data/master/mobile-attack/mobile-attack.json
See repository LICENSE.txt for ATT&CK terms: non-exclusive royalty-free license; reproduce MITRE copyright + license in copies. Verify requirements before publishing quoted text.
Source: MITRE ATT&CK (attack-stix-data).