Skip to main content
  1. Home
  2. Phones
  3. Android
  4. Mobile
  5. News

Researchers discover new class of Android malware that hides its tracks

By
Add as a preferred source on Google

A common permission in many apps downloaded from the Google Play Store could make it relatively easy for a malicious developer to gain complete control over your device. That’s according to researchers at the University of California and the Georgia Institute of Technology, who discovered the new type of attack and have already shared their findings with Google.

They’re calling it “Cloak and Dagger,” and it relies on the ability of apps to draw UI elements over the screen as a way of concealing from the user exactly what is being shown. In the example given, several prompts are displayed when a malicious app is opened. The user thinks they’re interacting with the app, but they’re actually enabling an accessibility service that can be used to log keystrokes, including passwords.

Recommended Videos

Then, the real magic happens. Here, the user is made to watch a video — all the while, in the background, the malware is flipping switches to grant itself a variety of other permissions, including the ability to read location, text messages, and storage.

Cloak & Dagger: Clickjacking + Silent God-mode App Install

Ironically, all apps downloaded through Google’s storefront can enable the two permissions necessary for the attack without the user’s knowledge. In other words, it’s on Google to detect the scheme before the app hits the Play Store. If it slips through, as some do from time to time, the only way the user could stop it is by digging into the apps menu and checking permissions granted.

One of the most dangerous aspects of the Cloak and Dagger scheme is that researchers say it can be used to record your PIN code to discreetly unlock your device and perform actions — without ever turning the screen on.

According to the researchers, the latest version of Android, release 7.1.2, modifies the way permissions are handled in a way that makes it slightly harder to carry out an attack like this one. However, it doesn’t fully solve the issue.

Google has since responded to the news, stating to Engadget that it has updated Google Play Protect, its security software on most Android devices, to detect the presence of harmful apps that abuse these permissions. The company also reports that changes it made in Android O will “further strengthen” the platform against Cloak and Dagger attacks.

Adam Ismail
Adam Ismail
Former Contributor
Adam’s obsession with tech began at a young age, with a Sega Dreamcast – and he’s been hooked ever since. Previously…
Topics
It looks like Apple will treat you to a $200 price hike on the iPhone 18 Pro, after all
The Mac price hike told us a lot about what's coming for the iPhone 18 Pro, and IDC is now putting a number on it.
iPhone 17 Pro

Apple's Mac and iPad prices went up this week, by a good margin, no less, and the memory crisis behind them isn't going anywhere anytime soon. 

The obvious next question is what happens to the iPhone 18 Pro, which is expected to arrive later this year. IDC has an answer, and you might not like it (via MacRumors).

Read more
iPhone 18 could get a RAM boost, but only a tiny sliver to run AI chores in iOS 27
A new report suggests the extra memory is aimed at keeping Apple Intelligence running smoothly.
Apple iPhone 17 back

Apple's next iPhone may not get a dramatic RAM upgrade, but it could receive just enough extra memory to keep its growing AI ambitions running smoothly. According to TF International Securities analyst Ming-Chi Kuo, the standard iPhone 18 and iPhone 18e are expected to move from 8GB to 9GB of RAM, primarily to support deeper Apple Intelligence integration in iOS 27.

Just enough RAM to keep Apple Intelligence happy

Read more
This free iPhone app uses soothing haptics to help you calm down
This iOS app skips accounts and subscriptions, relying on touch alone to help you relax.
Electronics, Mobile Phone, Phone

Most mindfulness apps want you to create an account, buy subscription, and give a chunk of your attention before they help you unwind. Vän, a new iPhone app from Swiss indie developer Adrian Stanco, is built to be the opposite.

I found the app on Reddit, and the pitch alone made me curious enough to try it. Instead of sounds or endless scrolling, it leans entirely on haptics, the tiny vibrations your phone is already capable of producing. The result is a feeling of calm you get by simply holding your smartphone rather than watching the screen.

Read more