Android - Are there any tools to sandbox a malware application even more than the granted permissions on Android?

Whisper Systems has come out with a custom ROM that has this exact feature: As DarthNoodles mentions, it has to be done at the system level rather than the app level, which is how it is implemented in WhisperCore. The current version isn't able to block all of the permissions available on Android, but they are working on supporting more of them.

CyanogenMod 7.1 has exactly this feature, but without faking data, only failing, if the app accesses the API. Proposition for faking the IMEI was rejected. Faking other data, like contacts, is currently under discussion.

XPrivacyLua is a module for Xposed framework which does exactly what you need. It is free and open source. Works on rooted devices. It's the successor of XPrivacy.

Install Xposed from here:

You can then download the XPrivacyLua module from the Xposed repo through the Xposed Manager app, or manually from here:


If you're running Android 5 or lower, you can use the legacy XPrivacy module.