Android devices not running Oreo are vulnerable to ‘Toast’ overlay attack

SECURITY FIRM Palo Alto Networks has let off a warning for users of older versions of Android which are vulnerable to an attack that could trick them into downloading malware.

Palo Alto informs us that the method of attack is a so-called “overlay attack”, adding that this is a method that is rather out of fashion these days because of measures made in security systems. However, when these are bypassed, they can be very effective .

“Overlay attacks have not been reckoned as a serious threat for a while now as there were always two significant hurdles the attacker needed to overcome to be successful. However, Unit 42 has uncovered that these mitigating factors can be in fact be bypassed,” it said.

“Our Unit 42 research shows that there is a way to carry out overlay attacks where these mitigating factors don’t apply. If a malicious app were to utilize this new vulnerability, our researchers have found it could carry out an overlay attack simply by being installed on the device. In particular, this means that malicious apps from websites and app stores other than Google Play can carry out overlay attacks,” explained the firm.

“It’s important to note that apps from websites and app stores other than Google Play form a significant source of Android malware worldwide. The particular vulnerability in question affects an Android feature known as ‘Toast.’

“‘Toast’ is a type of notification window that ‘pops’ (like toast) on the screen. ‘Toast’ is typically used to display messages and notifications over other apps.”

The most up to date version of Android is protected against the threat, but Palo Alto said that it was “critical” that anyone on Android 8.0 installs all the latest updates for their device.

 

Leave a Reply

Your email address will not be published. Required fields are marked *