95.4% of All Android Devices Are Susceptible to Accessibility Clickjacking Exploits, says report

Skycure disclosed that more than a billion Android devices are vulnerable to accessibility clickjacking exploits. The vulnerability is expected to affect all Android devices except those running Android 6.x Marshmallow. It enables a malicious hacker to monitor the victim’s activity, read and compose corporate emails and documents, and remotely encrypt or wipe the device. In a mobile ransomware scenario, this will force the victim to pay money to regain access to their own device.

The hacker sneaks into the victim’s mobile device by combining two Android features: Accessibility Services and the ability to draw over other apps. This makes it possible to gain control of the mobile device, which includes acquiring elevated privileges and exposing the content of all apps on the device.

By combining these two features, a malicious hacker can trick a user into granting virtually unlimited permissions to their malware.

Skycure has released a video that examines how the Accessibility Clickjacking Exploits are carried out.

As you can see from the video, the user is taken to accessibility settings and prompted to navigate to the properties of the service we’re trying to enable. After that, the user is prompted to enable the selected device. Here, the user is forced to click on “the eye”, which is in fact the unobscured left part of the “OK” (approval) button.

To protect your device from Accessibility Clickjacking Exploits, run an updated version of Android. It is also important to download only apps that are listed on the Google Play Store. You should also run an updated version of a Mobile Threat Defense solution.
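The checks above can be turned into a quick device audit. The following is an added example, not code from Skycure or the original article: it flags any app that both runs as an enabled accessibility service and requests the draw-over-other-apps permission, and any app not installed by the Play Store. It assumes the inputs were collected with `adb shell settings get secure enabled_accessibility_services`, `adb shell pm list packages -3 -i` and `adb shell getprop ro.build.version.sdk`; the function names, the pre-parsed permission map and all sample values are constructed for illustration.

```python
import re

PLAY_STORE = "com.android.vending"
OVERLAY_PERM = "android.permission.SYSTEM_ALERT_WINDOW"  # draw over other apps
MARSHMALLOW_SDK = 23  # Android 6.0; the report exempts 6.x

def parse_a11y_services(setting):
    """Packages from the enabled_accessibility_services setting
    (colon-separated 'package/ServiceClass' entries; 'null' when unset)."""
    if not setting or setting.strip() == "null":
        return set()
    return {e.split("/", 1)[0] for e in setting.strip().split(":") if e}

def parse_installers(pm_output):
    """Map package -> installer from `pm list packages -3 -i` lines."""
    pairs = re.findall(r"^package:(\S+)\s+installer=(\S+)", pm_output, re.M)
    return dict(pairs)

def triage(sdk, a11y_setting, pm_output, requested_perms):
    """Return (device_exposed, findings) for one device snapshot.
    requested_perms: assumed pre-parsed map of package -> set of permissions."""
    a11y = parse_a11y_services(a11y_setting)
    installers = parse_installers(pm_output)
    findings = {}
    for pkg in sorted(installers):
        reasons = []
        if pkg in a11y and OVERLAY_PERM in requested_perms.get(pkg, ()):
            reasons.append("overlay+accessibility")
        if installers[pkg] != PLAY_STORE:
            reasons.append("not-from-play-store")
        if reasons:
            findings[pkg] = reasons
    return sdk < MARSHMALLOW_SDK, findings

# Constructed sample snapshot (not taken from a real device)
SAMPLE_A11Y = "com.example.flashlight/.HelperService:com.example.reader/.TalkService"
SAMPLE_PM = """package:com.example.flashlight  installer=null
package:com.example.reader  installer=com.android.vending
package:com.example.notes  installer=com.android.vending
"""
SAMPLE_PERMS = {
    "com.example.flashlight": {OVERLAY_PERM, "android.permission.INTERNET"},
    "com.example.reader": {"android.permission.VIBRATE"},
}

if __name__ == "__main__":
    print(triage(22, SAMPLE_A11Y, SAMPLE_PM, SAMPLE_PERMS))
```

A legitimate accessibility tool can also hold both capabilities, so a finding is a prompt for review rather than proof of malware.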
