1. Download our Official Android App: Forums for Android!
  2. Download the #1 Android News App:   EarlyBird - News for Android
    'Accessibility Clickjacking' puts 500,000,000 Android phones at risk
    Android is susceptible to many infections and viruses that plague thousands of devices. The latest "bug" to make its rounds through our Android devices is called "Accessibility Clickjacking" and according to a report by SkyCure, is impacting more than 500 million devices.

    With monthly security updates from Google, it's interesting to see how long it takes before the latest strand of Android malware is patched.
     
  1. scary alien

    scary alien not really so scary
    Moderator
    Rank:
     #9
    Points:
    2,138
    Posts:
    22,319
    Joined:
    Mar 5, 2010

    Mar 5, 2010
    22,319
    23,814
    2,138
    Male
    space alien ;)
    Indy
    And, interestingly enough, the same gist of the issue (albeit named "tapjacking" instead of "clickjacking") was brought to the fore as far back as December, 2012:


    As always, caveat emptor...
     
    steve likes this.
  2. steve

    steve Developer
    Administrator
    Rank:
    None
    Points:
    573
    Posts:
    1,086
    Joined:
    Apr 19, 2011

    Apr 19, 2011
    1,086
    1,179
    573
    Male
    Android Developer
    York, PA
    I need to research how any percent of Marshmallow is at risk. I'm pretty sure any application can add the extra security needed to protect against this. If an app doesn't implement the security that is needed and available, then it would be that apps fault.
     
    scary alien likes this.
  3. scary alien

    scary alien not really so scary
    Moderator
    Rank:
     #9
    Points:
    2,138
    Posts:
    22,319
    Joined:
    Mar 5, 2010

    Mar 5, 2010
    22,319
    23,814
    2,138
    Male
    space alien ;)
    Indy
    I was aware of this mainly due to Chainfire's "How to SU" page where he indicated (very bottom of that page) that he installed tapjacking protection on SuperSU to keep apps from surreptitiously being granted superuser access on a rooted device.

    I can indeed see where the regular dev would not be aware of the need for countermeasures / protection against these type of schemes.

    Thanks for the article and reminder re. this :).
     
    KOLIO likes this.

Share This Page

Loading...