Report

SIDEWINDER TARGETED ATTACK AGAINST ANDROID IN THE GOLDEN AGE OF AD LIBRARIES

Although little malware has been found in Google Play, both Android apps and the Android system itself contain vulnerabilities. Aggressive ad libraries also leak the user’s private information. By leveraging all these vulnerabilities, an attacker can conduct more targeted  attacks, which we call “Sidewinder Targeted Attacks.” 

In this paper we explain the security risks from such attacks, in which an attacker can intercept and use private information uploaded from ad libraries to precisely locate targeted areas such as a CEO’s office or specific conference rooms. When the target is identified, a “Sidewinder Targeted Attack” exploits popular vulnerabilities in ad libraries, such as Javascript-binding-over-HTTP  or  dynamicloading-over-HTTP,  etc.

This research provides a look into how the Sidewinder Targeted Attack allows threat actors to take over Android devices to track location, take photos, send texts, and more via the ads libraries Android apps are built on.

Download Now