A new exploit in Android that exploits your data to hackers has just been surfaced. Called “Cloak and Dagger”, the latest vulnerability has been discovered by security researchers from Georgia Institute of Technology and UC Santa Barbara.
The exploit creates a malicious app for Android. The app prompts users to set only two permissions — BIND ACCESSIBILITY SERVICE (“a11y”) and SYSTEM ALERT WINDOW (“draw on top”). These permissions record your keystrokes to steal sensitive information such as passwords.
Users manually need to permit the app to access these services. However, skilled hackers use smart techniques to get users to enable these permissions.
According to the report published by researchers, hackers can take the full control of the device once the malicious app is activated on the infected device. The attackers can steal data from installed apps and even install new software on the device.
“Conceptually, “cloak and dagger” is the first class of attacks to successfully and completely compromise the UI feedback loop,” the researchers write in the report.
The published report contains demonstrations of how a malicious app can launch powerful attacks.
Google Play Protect updates to fix flaw
Google has immediately taken an action and released a statement explaining how they are preventing such attacks. It has updated Google Play Protect, the security service that comes pre-installed in all Android devices. The service can detect and prevent installation of malicious apps.
In addition to the update, Google is working towards strengthening the security of upcoming Android O.
Rajat is into blogging since he was in the high-school. He’s an Android geek, known for his work on Android ROMs & Kernels on XDA developers forum. He manages Google Developer Group Pune community.