Android Security Hole Grows

Android Security Hole Grows

  • By Sydny Shepard
  • May 18, 2016

In March, security researchers at Skycure discovered a theoretical attack that involves the exploitation of two Android features that can be used together to take complete control over a victims phone or tablet. Now, those same researchers believe they’ve found event more ways to exploit more versions of the Android OS.

In March, Skycure said they believed 66 percent of Android phones and tablets could be hacked; now the number has been increased to 95.4 percent, or 1.34 billion devices.

By using an Accessibility Clickjacking Exploit, the researchers were able to leverage Android feature “Accessibility Service” along with a second feature built into the Android OS that allows you to draw over other apps. According to the security firm, all versions of the Android OS that came before 6.x Marshmallow are vulnerable to this clickjacking hack.

In order to tap into the vulnerability, a hacker would create a game or application that would run in an overlay window on top of the Android home screen. While the app was running, it would open up the Accessibility Services settings. The game would trick the user into tapping areas of the overlay screen that would also be recognized in the underlying screen. Using this method, an attacker could also trick you into tapping the right sequence of settings to hand over control of your phone to a remote hacker.

This clickjacking method could allow the hacker to invisibly open and close settings and open malicious webpages that can install malicious software onto the phone or tablet. Skycure says this technique could also trick users into unknowingly approve the service’s permissions such as Device Administrator access.

“After presenting this research at RSA, confirmed on all Android versions through KitKat, it occurred to me that there may be a way to also run this on Android devices running Lollipop. My team was then able to test this and verify that Lollipop is also vulnerable to Accessibility Clickjacking,” Yair Amit, CTO and co-founder of Skycure, said in a blog post.

Google has acknowledged the vulnerabilities brought forward by Skycure calling it, “an example of nefarious use of genuine tech.” Google has turned off, by default, the overlay feature in the Android 6.x OS. Users who want to take advantage of overlay screens in Android 6.x and above will have to opt-in to the feature.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

  • DHS Releases Framework for Safe, Secure Deployment of AI in Critical Infrastructure

    The Department of Homeland Security (DHS) released a set of recommendations for the safe and secure development and deployment of Artificial Intelligence (AI) in critical infrastructure, the “Roles and Responsibilities Framework for Artificial Intelligence in Critical Infrastructure” Read Now

  • Making the Grade with Locks and Door Hardware

    Managing and maintaining locks and door hardware across a school district or university campus is a big responsibility. A building’s security needs to change over time as occupancy and use demands evolve, which can make it even more challenging. Knowing the basics of common door hardware, including locks, panic devices and door closers, can make a difference in daily operations and emergency situations. Read Now

  • Choosing the Right Solution

    Today, there is a strong shift from on-prem installations to cloud or hybrid-cloud deployments. As reported in the 2024 Genetec State of Physical Security report, 66% of end users said they will move to managing or storing more physical security in the cloud over the next two years. Read Now

  • New Report Reveals Top Security Risks for U.S. Retail Chains

    Interface Systems, a provider of security, actionable insights, and purpose-built networks for multi-location businesses, has released its 2024 State of Remote Video Monitoring in Retail Chains report. The detailed study analyzed over 2 million monitoring requests across 4,156 retail locations in the United States from September 2023 to August 2024. Read Now

Most   Popular

Featured Cybersecurity

Webinars

New Products

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles. 3

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities 3

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3