Android Police

Articles Tagged:

hijack

...

Instagram Android App Susceptible To Session Hijacking Due To Unencrypted HTTP Transfers

Alert! Alert! If you use Instagram's Android app, complete strangers could be looking at your photos of appetizers and makeup techniques right now! ...which is kind of the point of Instagram, I suppose. But security researcher Mazin Ahmed discovered that the app uses standard HTTP to transmit photos, cookies, and authentication (including usernames and unique IDs), instead of the encrypted HTTPS protocol. As Mr. Mackie is so fond of saying, that's bad.

Read More
...

Research Team Creates "Clickjack Rootkit" For Android That Can Hijack Apps, Exploit User Input

Xuxian Jiang, along with his research team at North Carolina State University, has cooked up a proof-of-concept "clickjack rootkit" which targets Android. The rootkit is unique not only in that it can function without a device restart, but also in that it targets Android's framework, not requiring deep modifications to the underlying firmware or kernel.

Clickjacking, for those unfamiliar, is a malicious technique typically used on the web to "trick" users into handing over control of their device or confidential information.

Read More
Quantcast