Please Log In
Jennifer Leonard, Social Media Manager for Content Watch, is passionate about connecting with people – in person and via social media. She spends her days writing, tweeting, pinning and using as many hashtags she possibly can. #Goals #SocialLife #Hustle
July 24, 2012Net Nanny for Android 2.0
May 29, 2017
University of California and Georgia Institute of Technology’s researchers recently uncovered a new exploit, called Cloak & Dagger, that can attack Android devices – even those with the most up-to-date operating systems installed.
The researchers say, “Cloak & Dagger is a new class of potential attacks affecting Android devices. These attacks allow a malicious app to completely control the UI feedback loop and take over the device – without giving the user a chance to notice the malicious activity.” The researchers discovered this breach in August 2016 and have started their own website to inform the public of their findings, as well as to track their communications to Google’s Android team.
TechCrunch reports that “The easiest way to disable this exploit in Android 7.1.2 is to turn off the ‘draw on top’ permission in Settings > Apps > Gear symbol > Special Access > Draw over other apps.”
That is one possible solution.
Another is to be extremely careful about which apps you download. Many apps access for special permissions to access your device. Check the individual settings for each app on all of your Android devices, though since these are deemed as “Special Permissions”, you may not have the access to disable yourself. When in doubt, use your best judgment and only download vetted apps.
The big question here is: What is being done to fix this issue?
The researchers who discovered this say, “Some of the issues uncovered by this work are design-related issues — not simple bugs — and it thus necessarily takes more time to fix them. Moreover, these are not "classic" low-level issues, but UI-related problems.” Luckily, they have detailed their communication with Google and the most recent update of this ongoing conversation (see below), however, there is no fix in sight.
In a recent article by Mashable, a spokesperson for Google stated, “We’ve been in close touch with the researchers and, as always, we appreciate their efforts to help keep our users safe. We have updated Google Play Protect – our security services on all Android devices with Google Play – to detect and prevent the installation of these apps.”