Standardlikelihood: Lowseverity: LowDraft

CAPEC-506Tapjacking

Abstraction
Standard
Status
Draft
Likelihood
Low
Severity
Low

Description

An adversary, through a previously installed malicious application, displays an interface that misleads the user and convinces them to tap on an attacker desired location on the screen. This is often accomplished by overlaying one screen on top of another while giving the appearance of a single interface. There are two main techniques used to accomplish this. The first is to leverage transparent properties that allow taps on the screen to pass through the visible application to an application running in the background. The second is to strategically place a small object (e.g., a button or text field) on top of the visible screen and make it appear to be a part of the underlying application. In both cases, the user is convinced to tap on the screen but does not realize the application that they are interacting with.

Related weaknesses· 1

CWE-1021

Related attack patterns· 1

CAPEC-173 (ChildOf)

Exploits1

TypeTargetConfidenceTier
WeaknessImproper Restriction of Rendered UI Layers or Framescwe-1021100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Android Activity Hijack
CAPEC
Clickjacking
CAPEC
Action Spoofing
CAPEC
Root/Jailbreak Detection Evasion via Hooking
CAPEC
Intent Spoof
CAPEC
Application API Button Hijacking
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.