> In the beginning, the malicious app is started by the user. The app creates a full screen view in the foreground. A view is a rectangular area on the screen which is responsible for event handling and drawing. Additionally, it contains UI components such as buttons and text fields [13]. The malicious app opens the preinstalled Google Play Store app in the background. The view of the malicious app overlays the opened Google Play Store app. As a result, the user does not notice that the Google Play Store app is opened. The chargeable app of the attacker is selected in the Google Play Store app. Furthermore, the Google Play Store app contains the button Buy for 50 $.
Is this even possible? Android allows developers to "launch" other applications "behind" the foreground app, and click events actually make it back down to the target app? I find this hard to believe.
I don't know if it used to be possible, but it certainly isn't now by default. If you give accessibility permissions to an app, then it can draw overlays, but otherwise apps cannot overlay other apps.
I have an app installed that essentially draws over the entire view to darken the screen, while all interactions pass through transparently. It can't draw over certain areas, like some popups and the notification bar, but most of that wouldn't matter for malicious interactions.
Is this even possible? Android allows developers to "launch" other applications "behind" the foreground app, and click events actually make it back down to the target app? I find this hard to believe.