Recent cyber attacks on Android has left it defenseless. According to a report by antivirus software maker McAfee, Android is now the “most attacked mobile operating system,” with a jump in malware attacks of 76 percent in the last quarter.
Cloak & Dagger- An attack that manipulates attributes of the operating system’s visual design and user interface to hide malicious activity. This attack affects all recent versions of Android, up to the current 7.1.2. Once the attacker gains user approval for the accessibility permission by tricking the subject, the attacker can abuse it for types of keystroke logging, phishing, and even stealthy installation of other malicious apps for deeper access to the victim system. Another similar attack is TL;DR which also abuses permissions to infect the Android operating system and get the details of the user hiding behind the innocent request.
Clickjacking- In this version of the attack, malicious apps hide ill-intentioned activity behind innocuous-looking screens. For example, the app can request permission that the user must approve but cover that request notification with another screen that asks for something innocent, leaving a hole in the cover screen for the real “Accept” button.
Just last week, the security firm Check Point discovered a new strain of Android malware called “ExpensiveWall” lurking in about 50 apps in the Play Store. They had cumulatively been downloaded between 1 million and 4.2 million times. Meanwhile, researchers at the security firm ESET announced in early September that they had found malicious apps from the BankBot malware family in Google Play. The applications, which had names like “Earn Real Money Gift Cards” and “Bubble Shooter Wild Life,” had malware directly in them and were also built to quietly download additional nefarious apps once installed. The list goes on.
“If you have a billion devices that are out there—no matter how good your security is—some of them are going to have bugs, some of them are compromised,” says Ludwig, Security consultant, Google.
From the recent stats, we can observe that attacker are being attracted to android due to it’s large no. of users (2 billion active users across the world) over Apple iPhone. The Second reason is that Google is working with many mobile companies rather than Apple who works with only one Phone maker. Google has to prepare an effective security system but not of one type only. They have to build many structures of the patches for each model of mobile. This brings a lot of work and complications as they have to architect many patches. Thirdly, Google takes an open-source approach, unlike IoS of apple which have controlled submission. Developers don’t need to wait for approval to list an app in the store. Google relies on users to mark suspicious and malicious apps instead.
Google wants to keep their market clean and safe so that consumers won’t hesitate and that won’t let them stop downloading apps from the store. They are constantly working on developing the security of the OS while keeping their MOJO. Google’s Play Protect security suite verifies app and lets you know that the app is verified by Google and is good to use. Still, malicious apps frequently slip in, and some attract millions of downloads before Google can find and remove them.
To find the solution against it, Google has assembled a team, who are working together to develop AI bots. They believe that AI can bring them some improvement where they won’t lose Model and defend against attacks. The development is still in the early stage and this revolution might take more time to complete. At the moment, Google doesn’t have the volume of problems it needs to train its neural networks as completely as it would like. Ironically, to really embrace machine learning, Google needs more Android problems to feed the neural network—or better neural networks.