Researchers discover new class of Android malware that hides its tracks

A common permission in many apps downloaded from the Google Play Store could make it relatively easy for a malicious developer to gain complete control over your device. That’s according to researchers at the University of California and the Georgia Institute of Technology, who discovered the new type of attack and have already shared their findings with Google.

They’re calling it “Cloak and Dagger,” and it relies on the ability of apps to draw UI elements over the screen as a way of concealing from the user exactly what is being shown. In the example given, several prompts are displayed when a malicious app is opened. The user thinks they’re interacting with the app, but they’re actually enabling an accessibility service that can be used to log keystrokes, including passwords.

Then, the real magic happens. Here, the user is made to watch a video — all the while, in the background, the malware is flipping switches to grant itself a variety of other permissions, including the ability to read location, text messages, and storage.

[Embedded video: Cloak & Dagger: Clickjacking + Silent God-mode App Install]

Ironically, all apps downloaded through Google’s storefront can enable the two permissions necessary for the attack without the user’s knowledge. In other words, it’s on Google to detect the scheme before the app hits the Play Store. If it slips through, as some do from time to time, the only way the user could stop it is by digging into the apps menu and checking permissions granted.

One of the most dangerous aspects of the Cloak and Dagger scheme is that researchers say it can be used to record your PIN code to discreetly unlock your device and perform actions — without ever turning the screen on.

According to the researchers, the latest version of Android, release 7.1.2, modifies the way permissions are handled in a way that makes it slightly harder to carry out an attack like this one. However, it doesn’t fully solve the issue.

Google has since responded to the news, stating to Engadget that it has updated Google Play Protect, its security software on most Android devices, to detect the presence of harmful apps that abuse these permissions. The company also reports that changes it made in Android O will “further strengthen” the platform against Cloak and Dagger attacks.

Adam Ismail
Former Digital Trends Contributor