Researchers Create Clickjack Rootkit, Stay Ahead Of Hackers
A Research Team led by Xuxian Jiang at North Carolina University is working on discovering smartphone flaws that are inherent to the platform, in order to fix the loopholes before black hat hackers could exploit them. As a part of this research, Jiang developed a prototype rootkit which attacks the Android framework, rather than the underlying operating system kernel. Jiang found this rootkit to be capable of infecting Android 4.0.4 (Ice Cream Sandwich) as well as earlier versions.
#-Link-Snipped-#
Clickjacking is a malicious technique of tricking the user into clicking on something different from what it appears. The rootkit can attach itself to an app, and once the infected app is downloaded, the rootkit will be able to manipulate the smartphone. For example, the rootkit could hide in the phone's browser and replace it with a fake browser, stealing all the sensitive information you enter. In fact, the rootkit can hijack almost any or even all the apps on the smartphone.
This kind of attack is very sophisticated in its approach and is tailored for smartphone platforms, Jiang says. The fact that no existing mobile security was able to flag the rootkit as malicious makes it even more dangerous. Fortunately, for us, the good guys got to it first.
A video demo describing the operation of the Clickjack Rootkit is here -
<object width="640" height="480" classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0"><param name="allowFullScreen" value="true" /><param name="allowscriptaccess" value="always" /><param name="src" value="https://www.youtube.com/v/RxpMPrqnxC0?version=3&hl=en_US" /><param name="allowfullscreen" value="true" /><embed width="640" height="480" type="application/x-shockwave-flash" src="https://www.youtube.com/v/RxpMPrqnxC0?version=3&hl=en_US" allowFullScreen="true" allowscriptaccess="always" allowfullscreen="true" /></object>
Source: #-Link-Snipped-#Â Image Credit: #-Link-Snipped-#
#-Link-Snipped-#
Clickjacking is a malicious technique of tricking the user into clicking on something different from what it appears. The rootkit can attach itself to an app, and once the infected app is downloaded, the rootkit will be able to manipulate the smartphone. For example, the rootkit could hide in the phone's browser and replace it with a fake browser, stealing all the sensitive information you enter. In fact, the rootkit can hijack almost any or even all the apps on the smartphone.
This kind of attack is very sophisticated in its approach and is tailored for smartphone platforms, Jiang says. The fact that no existing mobile security was able to flag the rootkit as malicious makes it even more dangerous. Fortunately, for us, the good guys got to it first.
A video demo describing the operation of the Clickjack Rootkit is here -
<object width="640" height="480" classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0"><param name="allowFullScreen" value="true" /><param name="allowscriptaccess" value="always" /><param name="src" value="https://www.youtube.com/v/RxpMPrqnxC0?version=3&hl=en_US" /><param name="allowfullscreen" value="true" /><embed width="640" height="480" type="application/x-shockwave-flash" src="https://www.youtube.com/v/RxpMPrqnxC0?version=3&hl=en_US" allowFullScreen="true" allowscriptaccess="always" allowfullscreen="true" /></object>
Source: #-Link-Snipped-#Â Image Credit: #-Link-Snipped-#
0