Hi All, Recently, I came across a new clickjacking attack as shown here:
http://web.ncsu.edu/abstract/technology/wms-jiang-clickjack/ For the Clickjacking attack, they have not released the report yet so not much details is available. But see the following website which contains the comments from the researcher himself: http://web.ncsu.edu/abstract/technology/wms-jiang-clickjack/comment-page-1/#comment-72612 Some pointers: - It is a UI readdressing attack. - It is done by hijacking the launcher, which is completely different from earlier overlaying-based approaches. - This is supposedly different from other earlier attacks that involves clickjacking and was patched in Android 2.3 - See: http://news.softpedia.com/news/Android-2-3-Features-Protection-Against-UI-Redressing-Attacks-171185.shtml - The phone is not rooted and the attack does not involve kernel space operations like system calls redirection etc. Anybody has more info on how the attack is done (source code, report etc)? Any idea how the applications could be hidden? Similarly for example while using my app, i want to hide all the other applications, is this possible? Thanks and Regards, Perumal -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To view this discussion on the web visit https://groups.google.com/d/msg/android-security-discuss/-/-Z_mdqFbDb4J. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
