Researchers Show Android 4.0 ClickJacking Demo

While Android is one of the most rapidly growing mobile platforms, Google has yet to address some of the more serious concerns regarding the security of its offerings. With devices being released and activated at a rate of 850,000 per day, coupled with the ability for users to use tools that allow for one-click rooting, Google has found itself in one hell of a predicament. Google’s “Bouncer” is supposed to reduce the amount of malware present in the Play Store, yet surprisingly Bouncer itself has already been dissected by Duo Security.

Today, researchers from North Carolina State University have spilled the beans on clickjacking Android 4.0 Ice Cream Sandwich. In the demo, an application is installed on the phone which allows for redirecting application shortcuts. This means a user can launch an application, but another one, perhaps a malicious application, is actually called instead. Instead of the stock Android browser launching, an identical browser launches, but all textbox entries are written out to a log file for later transfer to an attacker.

The demo device is a stock Google Nexus S running the last version of Ice Cream Sandwich available, 4.0.4.

If the name ‘Xuxian Jiang’ is familiar to you, it’s because he is also behind numerous research papers showing off the sad state of affairs with Android. While the chances that this has been fixed in the recently announced Android 4.1 (Jelly Bean) are slim, Jiang has a good track record with Google, as he is the founder of the Android Malware Genome Project. For the time being, you should probably put your Android phone in a shoebox and go back to using a Nokia 3310.
