Researchers develop Android clickjacking rootkit
Posted on 04.07.2012
A group of researchers from North Carolina State University have managed to create a proof-of-concept rootkit for the Android OS that is able to hijack the clicks made by the phone owners and use them to launch malicious applications without the users being aware of it.

Led by Assistant Professor Xuxian Jiang, the group was initially concentrated of finding security weaknesses in various smartphone platforms, but proceeded to create the rootkit in order to discover how Android developers could defend users against this type of attack.

The rootkit in question targets the Android framework and not the OS' kernel, which makes it easier to develop, and can be easily bundled up with a legitimate application offered for download on any of the existing online Android marketplaces. Currently, it can be installed on all but the latest version of Android.

Once established on the device, it can do things like replace the smartphone’s browser with one that covertly steals all the confidential information the users enters in it, or hide or replace any of the other apps - all without restarting the phone or alerting its owner in any way.

In fact, the mechanism used for the attack has been dubbed "user interface readdresing" and requires no privilege escalation.

"The rootkit was not that difficult to develop, and no existing mobile security software is able to detect it," claims Jiang. "But there is good news. Now that we’ve identified the problem, we can begin working on ways to protect against attacks like these."






Spotlight

Using Hollywood to improve your security program

Posted on 29 July 2014.  |  Tripwire CTO Dwayne Melancon spends a lot of time on airplanes, and ends up watching a lot of movies. Some of his favorite movies are adventures, spy stuff, and cunning heist movies. A lot of these movies provide great lessons that we can apply to information security.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Jul 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //