A-COPILOT: Android Covert Operation for Private Information Lifting and OTP Theft
This paper investigates an underexplored avenue of cybersecurity threats in mobile computing, with a particular focus on the Android platform, which, due to its open nature and widespread adoption, is a fertile ground for cyber threats. We present a Proof-of-Concept (PoC) Android application that, while ostensibly benign, can execute covert malicious operations by exploiting the process of permission granted. Specifically, the app manipulates accessibility permissions to autonomously acquire additional permissions needed for executing unauthorized activities without the user's knowledge. The research outlines conditions for minimal detection risk, leveraging the times when users are less likely to interact with their devices. The study provides a deeper understanding of the abuse potential of Android's accessibility features and highlights the critical need for comprehensive security measures to counteract such exploitations.
History
Journal/Conference/Book title
Fourteenth ACM Conference on Data and Application Security and PrivacyPublication date
2024-06-19Version
- Pre-print