This is a user generated content for MyStory, a YourStory initiative to enable its community to contribute and have their voices heard. The views and writings here reflect that of the author and not of YourStory.

Nightmare for android users: Clickjacking, the new ransomware variant

Until Android 'O' releases, clickjacking could pose a threat to majority of devices running on Android operating system.

Nightmare for android users: Clickjacking, the new ransomware variant

Tuesday May 23, 2017,

4 min Read

The horror of ransomware has not even subsided yet, and we are faced with another variant of it in the form of clickjacking. Want to know what the hype about it is?

Well, clickjacking is a malicious technique of tricking a web user into clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential information or taking control of their computers or phones. This could be very dangerous if there are important click-activated actions. It is vulnerable across a variety of browsers and platforms. It isn’t limited to just computers but mobiles phones as well, like most recently it has been demonstrated (by researchers at Skycure) that it could apparently pose a threat to a majority of devices using Android OS.

Clickjacking’s Backbone

While the accessibility feature of Android has brightened the lives of people with disabilities by making it easier for them to use their devices running this OS, unfortunately, it has also provided a path for the click jacker (attacker) into a majority of these devices.

It starts by showing a fake package installation dialog to the user and while this dialogue is displayed, it encrypts all the files located on external storage and collects the user’s sensitive information. Once the user clicks on continue, the app requests the device administrator for API. After some delay, a false dialog “installation is complete” is presented. This is when the user is tricked into giving the malware elevated privileges. Starting from Android 5.0 (Lollipop), the platform prevents such dialog types from displaying over the system permission dialogue. Thus, apparently, it only affects devices running versions older than Android 5.0, which amounts to almost 67% of Android devices.

Intention of The Clickjackers

The purpose behind clickjacking is to access all the sensitive information of the infected device, as well as take automated actions via other apps or the OS, without the victim’s consent. This could include all personal and work emails, SMS messages, data from messaging apps, sensitive data on business applications etc. Whereas the automated actions that it could take include changing admin permissions, changing or disabling the device’s passcode or even wiping the device remotely. All this could be done without having the victim to click on anything or be aware of the happening. This is what makes clickjacking so dreadful.

Look How Protection Against Clickjacking is Possible

Already started to have nightmarish thoughts of your android device being click jacked? So have the majority of people who are using the devices running on Android OS.

But when sufficient protection measures are taken, then most of the disastrous situations are handled effectively, in addition to the reduced stress that they offer. Let us look at the ways by which we can protect our devices from clickjacking.

Upgrading to the latest version of Android should be the first and absolutely essential step to protect your android device against clickjacking, since these versions create better protections against such attacks.

Also, one should be alert enough not to click on dialog boxes that pop up on a screen unless there’s some certainty about what caused them to appear.

It would be wise to stick to Google Play for apps download rather than downloading apps from unauthorized and third-party sources.

Installing a mobile threat defense app on your device could also offer some protection against the threat.

Another thing which could be done to defend against it would be to enable Android’s ‘Verify Apps’ feature to recognize and stop potentially harmful apps. This feature scans all the apps that are downloaded from third-party stores for malware, both before and after the app is downloaded and installed on a device.

Emails should also be protected by installing and implementing a strong spam filter, and checking it often.

Browsers should be protected as well, by installing appropriate plugins. This step is less time consuming than others, yet reduces the risk to a great extent.

Now, imagine that you’ve installed an app from Google Play itself, and not from some random third party store, and yet your device gets click jacked. You may wonder how in the heck could that be possible since we have told you earlier that doing this could prevent you from this attack. While it is comparatively a safer option to install apps from Google Play instead of third party stores, it is not completely harmless. A new research from Check Point Software Technologies suggests that Google didn’t completely remediate this issue from its Marshmallow version. Hence, until Android Developer releases its new version of Android O, this potential threat remain unfixed.

Reference : Clickjacking