Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore a groundbreaking security research presentation that unveils TapTrap, a novel zero-permission attack exploiting UI animations to bypass Android's permission system and undermine user trust in mobile interfaces. Learn how malicious apps can leverage activity transition animations to stealthily gain access to sensitive data or execute destructive actions like device wiping without user approval, effectively circumventing existing tapjacking defenses that target overlays. Discover the research methodology behind analyzing 99,705 Play Store apps, revealing that 76.3% are vulnerable to this attack vector, while finding no evidence of active exploitation in the wild. Examine the real-world feasibility through user study results showing all 20 participants failed to detect at least one attack variant, and understand how TapTrap's impact extends beyond Android to enable tapjacking and web clickjacking attacks. Gain insights into this animation-driven vulnerability that remains effective even on Android 15, presented by security researchers from TU Wien and University of Bayreuth, whose findings resulted in two assigned CVEs and contribute to the broader understanding of mobile security threats.
