Hackers can target this Android feature as a vulnerability by creating fraud application pop-ups that replace the bank app or social networking app standard log-in screen and thus collect user information. The screen would blip so fast that users wouldn’t even notice that the original log-in has been replaced by this fake pop-up.
Hackers at the DefCon conference exposed this design flaw in the Android operating system that could be exploited by criminals to phish for customer data or to introduce pop-up ads to smart-phones.
Normal users cannot identify such applications from the “permissions required” displayed at the time of installation as it is a legitimate function for many applications.
According to Google, they have not seen any apps maliciously using this technique on the Android Market and they will remove such apps, if found.
A user has to be careful as attackers could post apps much faster than Google could identify and remove them from the Market.
To avail the introductory 50% discount offer please visit our Quick Heal Mobile Security page here.
To download the free trial version for your Android device please visit Android market by clicking on below link:
No Comments, Be The First!