Abstract
Security attacks continue to emerge on daily basis due to the fast growth in the number of smart devices and mobile applications. Attacks take different malware forms such as Spyware and Trojan exploiting different operating system vulnerabilities, specially the well known vulnerable operating system; Android OS. In this paper, we study the malicious use of the “NotificationListener” service in Android 4.3 and 5.0. A Trojan application, known as SMS backup, is developed to spy the notifications of other applications. Such an application requires only two permissions that include “Notification Access” and “Internet”. These permissions are used to extract and send user's messages of other applications to the attacker's email through Internet. Our malware is able to alter and/or delete the notification before being displayed. For experimental results, the malware was tested against notifications of WhatsApp, BBM, SMS, and Facebook messenger using different Android versions including Lollipop 5.0. Experiments show that our malware succeeded against all the tested applications running Android version 4.3. Moreover, BBM and SMS messages are still extractable in the newer version of Android (Lollipop 5.0).
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
