Tapjacking Vulnerability

Description

The Tapjacking Vulnerability is a security flaw that allows an attacker to overlay malicious content or interfaces on top of legitimate applications, tricking users into interacting with the attacker's content instead. This can lead to various malicious activities, such as stealing sensitive information, capturing login credentials, or performing unauthorized actions on the user's behalf.

Below are examples of incorrect overlay handling:

XML layout:

<!-- Vulnerable: touches are still delivered while another window obscures this view -->
<Button
        android:id="@+id/buttonLogin"
        android:layout_width="wrap_content"
        android:layout_height="wrap_content"
        android:layout_marginTop="20dp"
        android:text="LOGIN"
        app:layout_constraintBottom_toTopOf="@id/textViewRegister"
        app:layout_constraintLeft_toLeftOf="parent"
        app:layout_constraintRight_toRightOf="parent"
        app:layout_constraintTop_toBottomOf="@id/textInputPasswordL"
        android:filterTouchesWhenObscured="false"/>

Java:

import android.os.Bundle;
import android.view.View;
import android.widget.Button;
import androidx.appcompat.app.AppCompatActivity;

public class YourActivity extends AppCompatActivity {

    @Override
    public void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_your_layout);

        // Vulnerable: filterTouchesWhenObscured is left at its default (false)
        Button yourButton = findViewById(R.id.yourButtonId);
        yourButton.setOnClickListener(new View.OnClickListener() {
            @Override
            public void onClick(View view) {
                // Handle button click
            }
        });
    }
}

Kotlin:

import android.os.Bundle
import android.widget.Button
import androidx.appcompat.app.AppCompatActivity

class YourActivity : AppCompatActivity() {

    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)
        setContentView(R.layout.activity_your_layout)

        // Vulnerable: filterTouchesWhenObscured is left at its default (false)
        val yourButton: Button = findViewById(R.id.yourButtonId)
        yourButton.setOnClickListener {
            // Handle button click
        }
    }
}

Recommendation

To mitigate Tapjacking vulnerabilities in mobile applications, developers should:

  • Thoroughly validate and filter user inputs and application settings to prevent exploitation by malicious overlays.
  • Pay special attention to sensitive settings vulnerable to manipulation by overlays, such as authentication parameters or access controls.
  • Implement strict input validation checks on user-modifiable settings to prevent unauthorized changes.
  • Provide clear user guidance within the application on recognizing and avoiding suspicious overlays.
  • Regularly update the application to address newly identified vulnerabilities.
  • Consider implementing overlay detection mechanisms to enhance the application's resilience against potential threats.
  • Set the filterTouchesWhenObscured attribute on views to true.
  • Set security policies for touch events by overriding onFilterTouchEventForSecurity.

Below are examples of secure overlay handling:

XML layout:

<Button
        android:id="@+id/buttonLogin"
        android:layout_width="wrap_content"
        android:layout_height="wrap_content"
        android:layout_marginTop="20dp"
        android:text="LOGIN"
        app:layout_constraintBottom_toTopOf="@id/textViewRegister"
        app:layout_constraintLeft_toLeftOf="parent"
        app:layout_constraintRight_toRightOf="parent"
        app:layout_constraintTop_toBottomOf="@id/textInputPasswordL"
        android:filterTouchesWhenObscured="true"/>

Java:

import android.os.Bundle;
import android.view.View;
import android.widget.Button;
import androidx.appcompat.app.AppCompatActivity;

public class YourActivity extends AppCompatActivity {

    @Override
    public void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_your_layout);

        Button yourButton = findViewById(R.id.yourButtonId);
        // Drop touches that arrive while another window obscures the button
        yourButton.setFilterTouchesWhenObscured(true);
        yourButton.setOnClickListener(new View.OnClickListener() {
            @Override
            public void onClick(View view) {
                // Handle button click
            }
        });
    }
}

Kotlin:

import android.os.Bundle
import android.widget.Button
import androidx.appcompat.app.AppCompatActivity

class YourActivity : AppCompatActivity() {

    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)
        setContentView(R.layout.activity_your_layout)

        val yourButton: Button = findViewById(R.id.yourButtonId)
        // Drop touches that arrive while another window obscures the button
        yourButton.filterTouchesWhenObscured = true
        yourButton.setOnClickListener {
            // Handle button click
        }
    }
}
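
The onFilterTouchEventForSecurity recommendation above has no example on this page, so the following is an added sketch, not code from the original page. The class name ObscuredAwareButton and the onObscuredTouch callback are hypothetical; the view drops touches flagged as obscured or partially obscured and gives the app a hook for overlay detection.

```kotlin
import android.content.Context
import android.os.Build
import android.util.AttributeSet
import android.view.MotionEvent
import androidx.appcompat.widget.AppCompatButton

// Added example: ObscuredAwareButton and onObscuredTouch are hypothetical names.
class ObscuredAwareButton(context: Context, attrs: AttributeSet?) :
    AppCompatButton(context, attrs) {

    // Optional hook so the app can log the attempt or warn the user.
    var onObscuredTouch: (() -> Unit)? = null

    init {
        // Baseline: the framework itself drops touches on a fully obscured view.
        filterTouchesWhenObscured = true
    }

    override fun onFilterTouchEventForSecurity(event: MotionEvent): Boolean {
        // FLAG_WINDOW_IS_OBSCURED: another visible window covers the touch location.
        var mask = MotionEvent.FLAG_WINDOW_IS_OBSCURED
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q) {
            // API 29+: a window overlaps this one, though not at the touch location.
            mask = mask or MotionEvent.FLAG_WINDOW_IS_PARTIALLY_OBSCURED
        }
        if ((event.flags and mask) != 0) {
            // Notify once per gesture, on the initial ACTION_DOWN.
            if (event.actionMasked == MotionEvent.ACTION_DOWN) onObscuredTouch?.invoke()
            return false // false = drop the event, so the click is not delivered
        }
        return super.onFilterTouchEventForSecurity(event)
    }
}
```

Rejecting partially obscured touches is stricter than filterTouchesWhenObscured alone and can also block taps while a legitimate overlay is on screen, so reserve this view for sensitive actions such as login or payment confirmation.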

Standards

  • OWASP_MASVS_L1:
    • MSTG_PLATFORM_2
  • OWASP_MASVS_L2:
    • MSTG_PLATFORM_2
  • PCI_STANDARDS:
    • REQ_2_2
    • REQ_6_2
    • REQ_6_3