Security26.05.2017

Android weakness allows hackers to take over your phone

Android

A security vulnerability in Android allows attackers to take over your phone and install software without you knowing.

The new class of attacks, known as Cloak & Dagger, allow a malicious app to control the UI feedback loop and take over the device.

The Cloak & Dagger attack can be performed without the user noticing the malicious activity on their device.

The attacks only require two permissions, which the user does not need to explicitly grant and for which they are not notified.

“Our user study indicates that these attacks are practical,” said researchers from the University of California.

The attacks affect all recent versions of Android – including the latest version, Android 7.1.2 – and they are yet to be patched.

The researchers alerted Google to the attacks in August 2016, and continued to update the company on the vulnerability.


Invisible Grid Attack


Context-aware/hiding Clickjacking + Silent God-mode Install Attack


Stealthy Phishing Attack


Now read: Google reveals latest details on Android O

Show comments

Latest news

More news

Trending news

Sign up to the MyBroadband newsletter