Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    December 2012
    S M T W T F S
    « Nov   Jan »
  • Email Subscription

  • About Us

    Archive for December 14th, 2012

    Using social engineering tricks, a developer can create an app that tricks users into tapping a specifically-crafted app popup window (called toast view), making it a gateway for varied threats.This attack, dubbed tapjacking, takes advantage of a specific vulnerability in Android user interaction (UI) component.

    This technique is not very complicated but has serious security implications to Android users.

    But before we get into the details of tapjacking, let me explain briefly where this UI vulnerability is stemming from.

    Introduction to app activity

    Android displays UI elements in the unit of activities. An activity is a system component that takes up the whole screen size and can hold many different views, which is a rectangle area shown on the device’s screen.

    Below is an example of an activity that contains two views namely (1) text view, which is where a user can encode a text and (2) button that a user clicks (or taps). As seen below, an activity may take up the whole screen even if a large part of it is empty (or black). Below is a screenshot* of an activity in the app WarGames:

    An app has several activities with each activity representing a UI element that may consume the whole screen. The OS manages different activities using a data structure called stack, with the most recent activity shown on top of the stack while the older ones are situated below it. The currently displayed activity is always shown on top and is the only one that can respond to a user’s tap or swipe.

    Read the rest of this entry »

    Posted in Mobile | Comments Off on Tapjacking: An Untapped Threat in Android

    Reports are circulating that a fake installer for Mac OS has surfaced, proving that Mac OS is still fair game when it comes to web threats.

    Our friends from Dr. Web have uncovered a fake installer for Mac OS X. Detected as OSX_ARCHSMS.A, users may encounter this threat by downloading from websites peddling supposed legitimate software. Once installed, it shows an image that looks like an installation wizard window.

    The curious aspect of this threat is that OSX_ARCHSMS.A asks users for their cellphone number and for the verification code to be sent via SMS. When done, users are prompted to agree with the terms and conditions of the program, which include being charged regularly via their mobile phone account. Needless to say, no program is installed and users end up being charged for a fake (and non-existent) program.

    Read the rest of this entry »

    Posted in Mac | Comments Off on Fake Installer for Mac OS Charges Users via Their Mobile Account


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice