Android users running on an operating system version older than Oreo have been warned of an attack capable taking control of devices if patching is not carried out soon.
This threat is an overlay attack, and it works by cloaking itself beneath a fake screen to trick the user into activating the malicious process being carried out.
Overlay attacks are based on stealth, and in addition to requiring the user to initiate them, they must also get in by being installed from Google Play. Once this attack has made entry, it is able to assume control and launch malware and ransomware.
The Unit 42 threat research team from Palo Alto Networks uncovered the Toast attack affecting operating systems older than Oreo, finding that it is capable of functioning completely out of view of the user, while subtly influencing what they are doing.
Palo Alto Networks researcher Christopher Budd said in a blog: “An ‘overlay attack’ is an attack where an attacker’s app draws a window over (or “overlays”) other windows and apps running on the device. When done successfully, this can enable an attacker to convince the user he or she is clicking one window when, in fact, he or she is actually clicking another window.”
Last year an emergency Android patch was released to combat a rooting application, this vulnerability ultimately gained the ‘Critical’ severity status as the extent of the problem became apparent.
Continuing to be one of the greatest risks to cybersecurity, human forgetfulness or laziness has previously proven dangerous in terms of patching. The recent WannaCry ransomware attack that had a global impact was able to have crippling effects on the NHS due to a widespread failure to patch.
Recent research into cybersecurity trends revealed the top most prominent threats to data security, these included ransomware, DDoS attacks and insider threats. This information was by Infloblox and the SANS Institute.
This article is from the CBROnline archive: some formatting and images may not be present.