Combination of Features Produces New Android Vulnerability

Cloak and Dagger: Current Android Vulnerability in Mobile Phones

Security researchers have found a serious Android vulnerability that can be used to steal any password using Android's own features. The really bad part: banking trojans have been using the method for a long time.

Two app permissions of the Android operating system can be misused to build a universal keylogger that reads everything the user of the device types on the keyboard. In addition, an attacker can use them to give a malicious app unlimited rights. These attacks were revealed by several security researchers at UC Santa Barbara and Georgia Tech in the US. They gave the vulnerability the name Cloak & Dagger. The gaps are still open, but Google now prevents apps that use them from being uploaded to the Play Store. In addition, Android O (the next version of the operating system) will close the gaps.

Researchers at the Georgia Institute of Technology have discovered how well-intentioned Android features can be used for malicious attacks on smartphone users. The two permissions involved are SYSTEM_ALERT_WINDOW (“draw on top”) and BIND_ACCESSIBILITY_SERVICE. The former allows an app to display important messages on top of the current app’s output; the latter is used to help visually impaired users. Criminal attackers can, however, as the security researchers show, abuse both functions in harmless-looking apps. In several videos, they demonstrate how apps lurking in the background use the “Cloak and Dagger” (night-and-fog action) method to track passwords and secretly install applications with malicious code and full access rights.

The Android Vulnerability Problem:

Each app can use both functions without having to request special privileges. Attackers can place harmless-looking apps – such as “sweet cat videos” – in the Play Store that display invisible buttons over a banking app to record password entries, or that load malicious programs from the Internet while playing a video and secretly equip them with full rights. Worse: this behavior is part of Android’s user interface design, so there is no security hole that could easily be closed by a patch. Google’s automated testing of new apps lets many such wolves in sheep’s clothing through. In fact, the security portal The Hacker News has already reported on several banking trojans in the Play Store that also work with “Cloak and Dagger” methods.

How Can You Protect Yourself From This Android Vulnerability?

Currently, there is no complete protection against this Android vulnerability! You should pay particular attention to installing apps only from trusted manufacturers, and you should also set up a protection program on your smartphone. In addition, at least on Android 6, you can minimize the risk by restricting which apps are allowed to use this function: go to Settings, then Apps, the gear icon, Show other Apps, then Apps With permission, and turn it off there for all apps except the absolutely necessary ones (such as a trustworthy calendar or alarm clock). The rest has to be done by Google: first, the Android vendor has to check the apps in the Play Store more intensively; second, it has to prevent the abuse of SYSTEM_ALERT_WINDOW and BIND_ACCESSIBILITY_SERVICE. The latter is still being worked on for the upcoming Android 8, whose new security functions are meant to put a stop to these now common attacks. Whether this current android vulnerability Cloak and Dagger on the current Android versions ever completely stopped.


The author FileEdge