Batu69 Posted May 26, 2017

All versions of Android are affected by this vulnerability

According to a group of security researchers from Georgia Institute of Technology and UC Santa Barbara, there's a new Android exploit in the wild, which affects all versions of Google's mobile OS.

Called Cloak and Dagger, the exploit could allow hackers to steal your information by creating a malicious app that only needs to set two permissions, namely BIND_ACCESSIBILITY_SERVICE ("a11y") and SYSTEM_ALERT_WINDOW ("draw on top"), to log keystrokes and steal your passwords and other sensitive information.

It's a fact that it's not that easy to force users into enabling accessibility permissions, but skilled hackers can trick them into doing so, and once they activate both permissions, they'll be able to install software, steal data from installed apps, and basically take full control of your Android phone without you even knowing.

"In particular, we demonstrate how such an app can launch a variety of stealthy, powerful attacks, ranging from stealing user’s login credentials and security PIN, to the silent installation of a God-mode app with all permissions enabled, leaving the victim completely unsuspecting," explained the researchers in their report.

Google took the necessary steps to prevent such attacks

Shortly after the researchers made this discovery, it appears that Google immediately took action and released an official statement explaining what they did to prevent such attacks for now, which appear to affect all versions of the Linux-based Android operating system, including the latest Android 7.1.2 (Nougat) release.

"We’ve been in close touch with the researchers and, as always, we appreciate their efforts to help keep our users safer. We have updated Google Play Protect — our security services on all Android devices with Google Play — to detect and prevent the installation of these apps. Prior to this report, we had already built new security protections into Android O that will further strengthen our protection from these issues moving forward."

It's very likely that the next Android update will patch the exploit, but that might take a while considering how various Android versions are distributed, so it is better that you always check what apps are installed on your mobile device and what permissions are enabled.

For more details on how the new exploit works, check out the videos below, courtesy of Yanick Fratantonio, one of the researchers involved in this publication.

Cloak & Dagger: Clickjacking + Silent God-mode App Install

Quote:

What's interesting about Cloak and Dagger attack? The attack doesn't exploit any vulnerability in Android ecosystem; instead, it abuses a pair of legitimate app permissions that is being widely used in popular applications to access certain features on an Android device.

All Android Phones Vulnerable to Extremely Dangerous Full Device Takeover Attack
straycat19 Posted May 26, 2017

4 hours ago, Batu69 said: creating a malicious app

So all versions of Android are not susceptible to this exploit...only those used by stupid people who have to download and install apps that bring no actual benefit or serve no actual purpose. I only install a couple apps on my primary phone that I have used for years and have been certified as safe. Anything else gets installed on my secondary phone using a throwaway gmail login that has no logons or access to any of my real data, so that any loss of information on that phone is something I kind of expect eventually. Though the apps I install on it are ones that I trust and serve a useful purpose, no useless tweakers, uninstallers, battery savers, etc. and only one game that I bought years ago.

Whether any device you own is vulnerable is totally in your hands, stupid actions result in stupid exploits. Blaming OS system developers for people's stupid actions only goes so far, if you want a bulletproof device then never connect to a cell tower or the internet.
This topic is now archived and is closed to further replies.