This would allow them to read text messages, monitor the phone’s use, make calls or wipe handsets entirely.
Adi Sharabani and Yair Amit (Co-founders of Mobile security company, Skycure) at the RSA conference in San Francisco this week announced that a new malware puts a vast majority of Android users at risk. It called “accessibility clickjacking,” it’s one of the most original methods of gaining access to anybody’s device.
What is Clickjacking?
As reported by Skycure: “clickjacking is a technique which tricks victims into clicking on an element that might not actually appear on the screen. By overlaying something relatively benign on the display, a user might be manually allowing access to his or her phone without ever knowing the difference.”
“Accessibility Clickjacking can allow malicious applications to access all text-based sensitive information on an infected Android device, as well as take automated actions via other apps or the operating system, without the victim’s consent,” Skycure explains. “This would include all personal and work emails, SMS messages, data from messaging apps, sensitive data on business applications such as CRM software, marketing automation software and more.”
Interested to see accessibility clickjacking in real, just watch the video from Skycure above, utilizes a free ‘Rick and Morty’-themed game to get users to without knowledge enable certain accessibility features:
The most terrifying aspect of this discovery is that Skycure was able to replicate the vulnerability on 65% of Android devices — basically anything from Android 2.2 Froyo to Android 4.4 KitKat. Unless you’re upgraded to Lollipop or prior, potentially you could be a victim of accessibility clickjacking in the future.
Thanks to Skycure for these details. Try to be more secure about your personal properties and credit, bank details. Let’s wait for next….
- OnePlus 3 Specification Surface On AnTuTu – Launching On April 7?
- Exodus ROM for OnePlus device|Marshmallow 6.0.1 update, installation guide
- Android Marshmallow 6.0.1 – OnePlus 2 OxygenOS 3.0 Update Is Currently Undergoing Soak Testing
- OnePlus 2 Android Marshmallow update: Install Nexus Experience ROM
- Why Android Marshmallow Delaying?
- Encryption : Almost no Android devices encrypted, but every iPhone does !