There has been a war between Security and the Android operating system for a long time and many vulnerabilities has been rolled out in the earlier weeks. Recently a new vulnerability has been discovered in the Android.
Android's new vulnerability is allowing the attacker to gain complete control over the application or the device by gaining the appropriate credentials.
The vulnerability has been exploited by making the user to give the login credentials to the malformed User Interface that allows the attacker to gain the credentials.
The main thing is that the user may not know that he / she is typing the login credentials in the malicious User Interface pretending to be the original application.
The vulnerability exists in the exploitation of the multitasking of the apps and the multitasking in desktop is different from that of the multitasking in the Android device.
The multitasking in the Android device allows the attacks having advantage over the
Applications that are running in the background saves the state.
Switching or navigating between the Applications.
The vulnerability can be known as #Task Hijacking vulnerability and the vulnerability has been published in the conference in the name of "#Towards Discovering and Understanding Task Hijacking in Android".
More than 6.8 million applications that are available in the Google Play Store are vulnerable and the genuine way to secure to some extent is not to download applications from any unknown source.
P.S : The post is to create awareness and not to be misused.
No comments:
Post a Comment