Casa > cibernético Notícias > Cloak and Dagger Exploits Affect All Versions of Android

As explorações de manto e adaga afetam todas as versões do Android

Researchers from Georgia Institute of Technology and UC Santa Barbara have uncovered a new Android exploit affecting all versions of the operating system. The exploit is dubbed Cloak and Dagger and is seen as a new class of potential attacks targeting Google’s mobile OS.

Story relacionado: Usuários Android, Quanto você sabe sobre Ultrasonic Rastreamento?

The Cloak and Dagger Exploits in Detail

Attacks based on Cloak and Dagger allow for malicious apps to steal sensitive information by creating a specific app that only needs to set two permissions. These permissions are BIND ACCESSIBILITY SERVICE (“a11y”) and SYSTEM ALERT WINDOW (“draw on top”). These attacks abuse one or both of the SYSTEM_ALERT_WINDOW (“draw on top”) and BIND_ACCESSIBILITY_SERVICE (“a11y”), os pesquisadores explicam.

Como já mencionado, these attacks only need two permissions to take place, and in case the app is installed via the Play Store, the potential victim doesn’t need to grant them. The researchers’ user study indicates that the attacks are practical meaning that they affect all recent versions of Android, andróide 7.1.2 inclusivo.

Conceptually, “cloak and dagger” is the first class of attacks to successfully and completely compromise the UI feedback loop. Em particular, we show how we can modify what the user sees, detect the input/reaction to the modified display, and update the display to meet user expectations. similarmente, we can fake user input, and still manage to display to the user what they expect to see, instead of showing them the system responding to the injected input.

Even though it is not that simple to trick users into enabling accessibility permissions, attackers can still succeed. Once the permissions are on, attackers are able to install malicious software, harvest data from installed applications, and eventually take full control over the particular Android device. The worst part is that the user will not be aware of what is going on in the background of his device.

Em particular, we demonstrate how such an app can launch a variety of stealthy, powerful attacks, ranging from stealing user’s login credentials and security PIN, to the silent installation of a God-mode app with all permissions enabled, leaving the victim completely unsuspecting,the researchers note in their relatório.

Story relacionado: Marcher Banking Android Malware Made to Ataque múltiplas aplicações

Google Fixed the Exploits and Issued a Statement

On Google’s side, the company has already taken actions against the exploit. There is also an official statement explaining their countermeasures to patch the affected versions, incluindo Android 7.1.2, Google’s latest release.

We’ve been in close touch with the researchers and, as always, we appreciate their efforts to help keep our users safer. We have updated Google Play Protect — our security services on all Android devices with Google Play — to detect and prevent the installation of these apps. Prior to this report, we had already built new security protections into Android O that will further strengthen our protection from these issues moving forward,” Google stated.

Milena Dimitrova

Um escritor inspirado e gerente de conteúdo que está com SensorsTechForum desde o início do projeto. Um profissional com 10+ anos de experiência na criação de conteúdo envolvente. Focada na privacidade do usuário e desenvolvimento de malware, ela acredita fortemente em um mundo onde a segurança cibernética desempenha um papel central. Se o senso comum não faz sentido, ela vai estar lá para tomar notas. Essas notas podem mais tarde se transformar em artigos! Siga Milena @Milenyim

mais Posts

Me siga:

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

Compartilhar no Facebook Compartilhar
Compartilhar no Twitter chilrear
Compartilhar no Google Plus Compartilhar
Partilhar no Linkedin Compartilhar
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Partilhar no StumbleUpon Compartilhar