NEWYou can now listen to Fox News articles!
A team of university researchers has discovered a new Android safety feat that raises many questions about the authorization system of the platform. The technique, named Taptrap, uses user interface animations to deceive you visually by granting sensitive authorizations or by performing harmful actions. Unlike previous tapjacking attacks, Taptrap Android Attack works by launching transparent system prompts on regular application interfaces. The result is an almost invisible layer that silently captures your taps and interactions.
Register for my free cyberguy report
Get my best technological advice, my urgent safety alerts and my exclusive offers delivered directly in your reception box. In addition, you will have instant access to my survival guide at the ultimate – free swindle when you join my Cyberguy.com/newsletter
New Google AI makes robots smarter without the cloud
A person holding an Android phone (Kurt “Cyberguy” Knutsson)
How the feat of Taptrap Android encourages you to grant authorizations
As indicated by Bleeping Computer, Taptrap takes advantage of how Android manages the activity transitions between applications. A malicious application can start a screen at the system level using the standard start -up activity function, but change how the screen appears using personalized animation. By defining both the beginning and end opacity to a very low value, like 0.01, the activity becomes almost invisible for the user.
The touch entry is always fully saved by the transparent screen, even if the users only see the application visible below. The attackers can also apply a scaling animation that widens a specific user interface item, such as a authorization button, so that it fills the screen. This increases the chances that a user pressing the button without knowing it.
What is artificial intelligence (AI)?
The researchers have published a video showing how this technique could be used in a game application to quietly launch a Chrome browser authorization prompt. The prompt requests access to the camera and the user hits “authorize” without realizing what they did. Because the malicious screen is transparent, there is no visual clue to suggest that something suspect happens.
Image of an Android phone (Kurt “Cyberguy” Knutsson)
Why 76% of Android applications are vulnerable to Taptrap
To assess how widespread vulnerability, researchers have tested nearly 100,000 Play Store applications. About 76% proved to be potentially vulnerable, not because they are malicious, but because they lack key guarantees. These applications had at least one screen that could be launched by another application, shared the same stack of tasks, failed to replace the default transition animation and did not blocked the user entry during the transition.
Android allows these default animations. Users can only deactivate them by generally masked parameters, such as developer options or accessibility menus. Even the latest Android version, tested on a Google Pixel 8A, remains unprotected compared to this feat.
Grapheneos, an operating system focused on Android -based on Android, confirmed that its current version was also affected. However, he plans to publish a corrective in his next update.
Get Fox Affairs on the move by clicking here
Google has recognized the problem and said that a future Android update would contain attenuation. Although no exact chronology has been announced, Google should modify how the entries and animations are managed to prevent the interception of invisible Tap.
The company has added that developers must follow the strict policies of the play stores and that any application has found that the abuse of this vulnerability will face application measures.
A person holding an Android phone (Kurt “Cyberguy” Knutsson)
4 ways to stay away from Taprap attack
1) Consider a mobile security application: Use a confidence antivirus or mobile security application that can detect suspicious behavior or alert you to applications using overlays or accessibility features.
Get my choices for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices Cyberguy.com/lockupyourtech
2) Be selective on the applications you install: Avoid installing applications simply because they tend or have flashy ads. Check the developer’s credibility, recent reviews and application authorizations before download.
3) Stand at the Google Play store: Although it is not perfect, the Play Store has better guarantees than random APK sources. Avoid installing applications from third -party stores or unknown websites.
4) A break before granting authorizations: If an application suddenly requires access to your camera, microphone or other sensitive features, take a moment. Always ask yourself if this application really needs this authorization right now.
Kurt de Kurt to remember
Taptrap shows that security threats do not always come from a complex code or aggressive malware. Sometimes small oversights in visual behavior can open paths for serious abuses. In this case, the danger lies in what users do not see. People trust what they can see on their screens. This attack breaks this link by creating a visual discrepancy between intention and the result.
Click here to obtain the Fox News app
Trust the applications you install from the Play Store, or do you dig more deeply before download? Let us know by writing to Cyberguy.com/contact
Register for my free cyberguy report
Get my best technological advice, my urgent safety alerts and my exclusive offers delivered directly in your reception box. In addition, you will have instant access to my survival guide at the ultimate – free swindle when you join my Cyberguy.com/newsletter
Copyright 2025 cyberguy.com. All rights reserved.
