Potential Design Flaw in Android Could Allow Malware to Mimic Legitimate Apps

Discussion in 'Android Tablet News' started by dgstorm, Aug 8, 2011.

  1. dgstorm

    dgstorm Editor in Chief Staff Member

    Joined:
    Jan 5, 2011
    Messages:
    2,205
    Likes Received:
    130
    Trophy Points:
    310
    [​IMG]

    Some researchers recently demonstrated what may be a design flaw in Android that would allow malware to mimic legitimate apps. Sean Schulte, SSL developer at Trustwave, and Nicholas Percoco, the senior vice president and head of SpiderLabs at Trustwave, revealed at a DefCon Hacking Convention, what they believe is a design flaw in Android. They indicated that the design flaw could be used by advertisers to bring annoying pop-up ads to phones, or even by criminals to steal data via phishing.

    Basically the exploitable flaw centers around the fact that Android allows a developer to override the standard for hitting the back buttons. Because of this, an app can be created that is able to steal the focus and keep you from being able to hit the back button to exit out. This is similar to some malware attacks on Windows based computers. They are calling it the "Focus Stealing Vulnerability", and they were able to demonstrate an app they created that did exactly what they described. Here's a quote from the CNET article with more details,
    The worst part about this potential vulnerability is that it could do more than just create a replacement pop-up ad; it could also detect when you are using a banking or email app, and create a legitimate looking overlay "phishing" for your credentials. Afterwards, the user would never even realize what happened. Supposedly,
    Google is looking into the issue, and for now, no malware infections for this exploit have been reported. In the meantime, the best thing you can do is to always be cautious about where you get your apps, and don't download anything that looks even remotely suspicious.

    Source: Android.net via PhoneArena and CNET
     

Share This Page