Influenza A virus subtype H5N1 few months back, an Android toast overlay message exploit abused the toast overlay organization to arts and crafts a full-screen overlay pushed through the toast notification itself. This allowed a malicious assailant to arts and crafts a UI window through a toast overlay which made users unknowingly enable administrator access for an application or enable accessibility services for the application. Now, it seems, this overlay exploit educate on has been flora inwards the Google Play Store, amongst the educate on detected every bit ANDROIDOS_TOASTAMIGO past times TrendMicro. The exploit, flora inwards the Google Play Store, was flora inwards many applications including ane amongst over 500,000 downloads every bit of Nov 6th, 2017.
Toastamigo is the commencement weaponisation of the concept too it affects all versions of Android except for Android Oreo too devices which accept received the September 2017 or after safety patch. Asking users to grant accessibility service access, the applications inwards inquiry too therefore used the exploit to draw an “analysing apps” overlay over the covert every bit it began to grant itself administrator access too install roughly other application on the device dubbed Clickamigo, past times formulating tap actions using the accessibility service granted. This plant because the user does non quest to grant window overlay access so the regular user won’t notice if anything seems malicious.
Clickamigo seems to hold out the primary role of the attack. Loading squall networks too using a proxy server when they don’t load, Clickamigo only clicks AdMob or Facebook ads to brand the master copy creator of the application a profit. The application too therefore protects itself through like methods of giving itself administrator access too accessibility service access, along amongst disabling mobile safety apps on the device too fifty-fifty rating itself on the Google Play Store.
It precisely goes to demo that precisely because an application is available inwards the Play Store, it does non hateful that it is safe. Users should nevertheless hold out careful of the applications they install too use.
