Direct Resource Hijacking in Android is Still Dangerous

IEEE Internet Computing (2018)

Abstract
Android provides flexible inter-application (or app) communication by exporting the components of one app to others. Each app can define customized permissions to control access by other apps to its exposed components. However, an attacker can easily access the exported components and private app information by evading the permission check in Android. In this article, we present a new attack, called the direct resource hijacking attack, which hijacks exported components or the permissions on components. We find that 53 of the top 230 popular apps are vulnerable to this attack. To tackle this vulnerability, we propose a fine-grained resource access control framework in Android and introduce a certificate-augmented resource naming mechanism. With this, malicious apps cannot hijack a victim app's permissions to steal its data, or hijack a victim app's components to receive its data. We hope our scheme will shed light on a new design of resource protection in Android.
Keywords
software, software engineering, operating systems, security and privacy protection, access controls, android, information leakage