Abstract

To persistently eavesdrop on mobile devices, attackers may obtain elevated privilege and inject malicious modules into user devices. However, the attackers may not be able to retain that privilege for long, since the exploitable vulnerabilities may be fixed or the malware may be removed. In this paper, we propose a new data hijacking attack on mobile apps. With the proposed method, the attackers need to obtain root privilege on the user device only once, and they can then eavesdrop persistently without any change to the original device. Specifically, we design a new approach that constructs a shadow system by hijacking user data files. In the shadow system, the attackers possess abilities identical to the victim's. For instance, if a victim has logged into the email app, the attacker can also access the email server from the shadow system without authentication for a long period of time. Because the app does not require reauthentication, it is difficult for victims to notice the intrusion, since the whole eavesdropping is performed on other devices (rather than the user devices). In our experiments, we evaluate the effectiveness of the proposed attack, and the results demonstrate that even Android apps released by top developers cannot resist it. Finally, we discuss some approaches to defend against the proposed attack.

Highlights

  • Nowadays, the mobile device is extremely popular and has become a primary choice for storing and handling private data, e.g., SMS messages, contact information, etc.

  • To steal user privacy persistently, one of the common methods for attackers is to obtain elevated privilege on the user devices and inject eavesdropping modules

  • The attack is still effective in the shadow system even if the elevated privilege of the user device expires

Summary

Shadow Device

Severe risks which can be caused by the abuse of elevated privilege. As shown in Figure 1, the proposed data hijacking attack mainly consists of three steps. The attackers need to obtain elevated privilege on the user devices. We assume that the privilege is obtained when malware is installed on the user devices or when the devices are temporarily controlled by a spy. Existing approaches [22, 1, 2, 3, 4] can be employed to obtain elevated privilege on the user devices. The attackers then hijack the app data files on the user devices to construct the shadow system. In this phase, a similar system (the shadow system) is built according to the information of the user device, and the attackers install the same apps on it.
