Android Clickjacking Rootkit Demonstrated

Mobile security researchers have identified an aspect of Android 4.0.4 (Ice Cream Sandwich) and earlier versions that clickjacking rootkits could exploit. Researchers at NC State in the US have developed a proof-of-concept rootkit that attacks the Android framework and could be used to steal personal information.

What is clickjacking? It is a malicious technique that tricks users, often used to take over computers or webcams, or to capture confidential information revealed by users who think they are on an innocent webpage.

Like most Android malware, the rootkit can be distributed as a malicious app, opening up a host of potential vulnerabilities on any device on which it is installed. However, it functions in a different way.

The rootkit, which could be bundled with an app and is said to be undetectable by anti-virus packages, would allow an attacker to replace a smartphone's browser with a version that logs keystrokes to capture bank card data and uploads it to a hacker-controlled website.

Jiang explained in a video in which he demonstrates the rootkit in action:
In a demonstration video, the rootkit is shown manipulating the apps on a smartphone. Such a program could be used by cybercriminals to replace an app with a malicious data-stealing version that appears legitimate to the user.

“This would be a more sophisticated type of attack than we’ve seen before,” says Jiang. “But there is good news. Now that we’ve identified the problem, we can begin working on ways to protect against attacks like these.”
