Hack Cave

It's really hard time for Android, as yet another serious vulnerability was discovered recently. The issue resides in the multitasking capability of the Android phones. According to the latest research conducted by the researchers at the Pennsylvania State University and FireEye, this serious security flaw gives hacker ability to spy on Android smartphone owners, steal login credentials, install malware, and much more.

Attacking Method

This flaw makes it possible to lure the victim into to type their login details to a spoofed interface. This malicious interface could be controlled by the hacker and it runs whenever an app starts. Thus the sensitive details are stolen by hackers, through the malicious software program, without raising any suspicion to the user. Device owner will have no clue of what is happening and that makes it very dangerous.

Vulnerability in Android Task Management.

This was revealed by the researchers who published their findings in a paper titled, "Towards Discovering and Understanding Task Hijacking in Android" [PDF]. It was mainly focussed on what happens when an app or multiple apps run in one or multiple processes simultaneously creating Multi-Tasks. A vulnerability which resides in android multitasking mechanism was found out. Multitasking is an android feature which helps to switch between the apps, background run, running more than one apps etc.

Task Hijacking Attack

Vulnerability in android task management mechanism can be leveraged to initiate task hijacking attacks on a vast scale.The researchers have found out that task hijacking flaw is prevalent in more than 6.8 Million apps from multiple Android app stores. The researchers also claimed that the vulnerability can impersonate the user interface of the app, which is controlled by the attacker on the other hand.

Here is a video providing a quick overview of the vulnerability.

This vulnerability can cause many more nasty attacks, like DDoS, Ransomware etc.

How to protect yourselves?

As for now, no patch is being released and every version of android is vulnerable. To be on the safer side stick to apps from Playstore and other trusted app stores.  By default google checks apps for hijacking and phishing attacks with Android's Verify Apps and Safety Net features.

Also read 

Post a Comment