Go to DBLP homepageFratricide! Hijacking in Android Multi-Window
Abstract: Android’s multi-window solutions allow several apps to coexist on one screen, providing powerful functionalities and appealing visuals for modern mobile devices. However, this opens the door for potential malware hijacking attacks. In our study, we unveiled Android’s insufficient security measures against malware activity in multi-window modes, and identified strategies on how to bypass these measures. We first introduced long-term monitoring methods through background services or malicious sub-window activities, and then designed and implemented 7 multi-window hijacking strategies to achieve multi-window hijacking in the three mainstream multi-window modes. To evaluate the effectiveness and impact of the attacks, we ran the hijacking in different system versions supporting multi-window solutions, and simulated the hijacking on 262 popular apps. All of the apps suffer from at least two types of multi-window hijacking attacks, and more than 65% of them can be attacked by all the 7 multi-window hijacking attacks. Furthermore, we designed and distributed a questionnaire to gather user opinions towards these attacks. 85% of respondents believe that the multi-window hijacking is highly covert and difficult to defend against. Of significance, we received acknowledgement and award fund from development teams of impactful apps.
External IDs:dblp:journals/tdsc/GuoWWDLL25
Loading