Cloak and Dagger Attack Targets Android Users Worldwide

Android users all over the world remain a very popular target for criminals looking to obtain specific information. A new type of Android-only attack has been identified, which goes by the name of “Cloak and Dagger”. What makes this attack so powerful – and troublesome – is how it can run secretly on a phone without the user noticing anything. Moreover, the hackers responsible for these attacks can log information and remotely install software on the device.

Cloak and Dagger Is A Problem For Android Users

It is not the first time Android users have to deal with a major attack. Nor is it the first time such an attack is virtually undetectable by the device user. Cloak and Dagger is nothing new based on these parameters, but that doesn’t mean people should dismiss the threat so easily either. In fact, having a malicious tool capable of logging keystrokes and installing apps remotely is a major problem.

To be more specific, this new exploit makes use of a bug found in the Android UI. Moreover, it only requires two specific permissions to start causing havoc, which is quite troublesome. More importantly, neither of these permissions requires root access, indicating the exploit can be used against virtually any Android device in the world right now. It is only a matter of time until a security update is released, though.

Researchers are quite concerned about this exploit, considering the Android operating system automatically grants one of the two required permissions automatically. That is, assuming the software is downloaded from the Google Play Store in the first place. Furthermore, the assailants can easily trick users into granting the second permission. All it takes is hiding a layer of malicious activity below what the user sees on the screen, and the chances of success increase exponentially in the process.

This is partially what makes the Cloak and Dagger attack so dangerous. Users who are affected by this exploit won’t even notice anything is wrong, as their interactions with the Android device will look like normal. However, it is the software running below the visual layer that is of major concern. Keylogging information and remotely installing apps on the phone are just a few of the potential consequences.

Security researchers are even more concerned about how the accessibility app can be used to unlock the phone and interact with other applications even when the device’s screen is completely turned off. It is unclear what an attacker could do with this, although we do know the malicious activity will remain hidden from the user. It is also an excellent way for assailants to completely erase tracks of any wrongdoings, as the user would never know something has occurred.

Thankfully, Google has been made aware of this problem, and their engineers are already working on a solution. It is evident the researchers discovering this exploit want to ensure the Android ecosystem is safe at all times. Google Play Protect has been updated to detect and prevent installation of applications looking to execute code beneath the visual layer of the Android device in question.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.