The recent discovery of the Cloak & Dagger attack vector, which can steal personal information by mimicking the activities of apps, is indicative of the new level of sophistication that Android-targeted malware has reached. To increase the chances of defeating attacks of this nature, in-app security needs to move to the top of the agenda for any app-focused business. This is according to app security specialist Promon.
According to researchers at the Georgia Institute of Technology, Cloak & Dagger works by using Android’s design and screen behaviours against users, hiding activities such as keystroke recording, stealthy phishing and the enabling of app permissions behind seemingly innocuous screens. To combat such a dangerous strain of malware that can be so hard to detect, Promon believes that apps have a greater need than ever to be proactively protected, both during runtime and when they are idle.
Tom Lysemose Hansen, founder and CTO at Promon, said: “Cloak & Dagger is a particularly nasty example of Android malware, given its level of sophistication in being able to effectively steal information in a way that can be very difficult for users to notice. Due to its nature, it’s also likely to inspire copycat versions, so it certainly shouldn’t be treated as an isolated case.
“While it is possible to disable the exploit by turning off the ‘draw on top’ permission in a device’s settings, the stealthy nature of Cloak & Dagger makes fast, definitive action on the part of users unlikely. Instead, app developers need to think about what they themselves can do to guard against such a threat.”
Hansen believes that runtime application self-protection (RASP) software can be particularly useful in fighting malware of this nature.
He added: “RASP software is advantageous because it proactively detects and eliminates threats while an app is running. Malware such as Cloak & Dagger works by monitoring someone’s activity while they are using an app, so it is crucial that app protection is able to thwart attacks at this point.”
With the General Data Protection Regulation (GDPR) now less than a year away from implementation, Hansen also thinks that Cloak & Dagger should shine a spotlight on the urgent need for businesses to secure their mobile apps before GDPR comes into force.
He concluded: “Mobile threats are only going to increase in sophistication. At the same time, the stipulations of GDPR mean the financial penalties for experiencing a data breach will be particularly severe. The time to act is now, while the malware threat level is high, and there is still some time left to prepare for GDPR’s arrival.”
