There is a new Android vulnerability that is affecting millions of Android devices. This new issue is called Cloak & Dagger, and it was found by the researchers over at Georgia Institute of Technology. This new Cloak & Dagger attack could happen to millions of Android devices as it impacts Android 7.1.2 and below. That basically means nearly every Android device could become susceptible to the new Cloak & Dagger attack. If you have an Android device, read on to learn more about this attack method.
Cloak & Dagger Exploit Found in Millions of Devices
The new Cloak & Dagger exploit basically would end up hiding nefarious activity behind the regular app-generated behaviors and design. This Cloak & Dagger attack uses the design and screen behaviors from Android itself to hide what the hackers and attackers are really doing. This would then allow the hacker to get screen interactions and then not be found out due to the ability to hide behind the normal screens.
Hackers will be able to hide their activities with the Cloak & Dagger attack. The researchers were able to recreate the attack that included malware putting a grid over the Android screen, which was invisible and unable to be seen. Once the researchers did this, they could capture and mirror the regular keyboard you see on the screen. When you think about what Cloak & Dagger could end up leading to, a hacker could do a ton of different attacks with this.
The hackers could record keystrokes and pull of a ton of clickjacking attacks. Even God-mode, which would enable every permission, could be pulled off silently with the Cloak & Dagger issue.
More Information on Cloak & Dagger
When you look at what Cloak & Dagger is, it really is like a new Android attack method. The hackers are using the design and layout of Android to their advantage. The hacker could end up controlling the enter user-interface feedback loop, and the user would never know the malicious activity was taking place.
Nearly every Android device out there could be affected since this could happen on any and all devices up to Android 7.1.2, which is actually the newest version of Android. For now, there does not really seem to be a real fix for this problem. You can help stop the potential exploit by going into your Settings and turning off the “Draw On Top” permission. You will find this on Android 7.1.2 in Settings under Apps, and then clicking on “Gear Symbol” and going to “Special Access.”
Google did say that the company was talking to the researchers, and Google Play Protect was since updated. Google Play Protect is supposed to help keep Android devices safe that are running Google Play. Google Play Protect should prevent these malicious apps from being installed, and Google did say that newer security features were coming with Android O. Google said that Android O will offer even more protections for Android users, including protection from Cloak & Dagger and similar types of attacks.
If you would like to keep yourself even safer from Cloak & Dagger among other issues, there are some things you can do. The biggest thing that you should do is never install apps that you do not know of or you know nothing about. Only install apps from Google Play Store and check the permissions that the app needs before you agree to download the app.
You also should remember that going to third-party app stores is often the biggest downfall for people on Android, since third-party apps are not verified by Google and carry a huge risk. You also should make sure to get a virus scanner for your Android device, which can help detect unusual activities that could result in your Android device being affected by things like Cloak & Dagger.