Researchers develop Android clickjacking rootkit
Posted on 04.07.2012
A group of researchers from North Carolina State University have managed to create a proof-of-concept rootkit for the Android OS that is able to hijack the clicks made by the phone owners and use them to launch malicious applications without the users being aware of it.

Led by Assistant Professor Xuxian Jiang, the group was initially concentrated of finding security weaknesses in various smartphone platforms, but proceeded to create the rootkit in order to discover how Android developers could defend users against this type of attack.

The rootkit in question targets the Android framework and not the OS' kernel, which makes it easier to develop, and can be easily bundled up with a legitimate application offered for download on any of the existing online Android marketplaces. Currently, it can be installed on all but the latest version of Android.

Once established on the device, it can do things like replace the smartphone’s browser with one that covertly steals all the confidential information the users enters in it, or hide or replace any of the other apps - all without restarting the phone or alerting its owner in any way.

In fact, the mechanism used for the attack has been dubbed "user interface readdresing" and requires no privilege escalation.

"The rootkit was not that difficult to develop, and no existing mobile security software is able to detect it," claims Jiang. "But there is good news. Now that we’ve identified the problem, we can begin working on ways to protect against attacks like these."






Spotlight

(IN)SECURE Magazine issue 43 released!

Posted on 16 September 2014.  |  (IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. This issue covers web application security, mobile hacking, certification, Black Hat, and much more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Sep 17th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //