Android exploit adds secret, thieving layers to your phone
Researchers from UC Santa Barbara and Georgia Tech have discovered a fresh class of Android attacks, called Cloak and Dagger, that can operate secretly on a phone, allowing hackers to log keystrokes, install software and otherwise control a device without alerting its owner. Cloak and Dagger exploits take advantage of the Android UI, and they require just two permissions to get rolling: SYSTEM ALERT WINDOW (“draw on top”) and BIND ACCESSIBILITY SERVICE (“a11y”).
This concerns researchers because Android automatically grants the draw-on-top permission for any app downloaded from the Play Store, and once a hacker is in, it’s possible to trick someone into granting the a11y permission. A Cloak and Dagger-enabled app hides a layer of malicious activity under seemingly harmless visuals, luring users to click on unseen buttons and keystroke loggers.