When an application displays a permission dialog, the malicious application you installed draws a system overlay over the dialog's text block and replaces it with whatever text it wants. An unwitting user who taps “Allow” on the permission dialog is tricked into granting a permission: the request was genuinely made, but its text was hidden from the user's view.
- mwrlabs/tapjacking-poc
- limbenjamin/tapjacking: Proof of concept code for tapjacking.
- iwo/marshmallow-tapjacking: Demonstrates how the Android Marshmallow permissions dialog can be hijacked by an app drawing on top of it. (You may also download the APKs from here)
- AlvarezAriel/android-tapjacking-example
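
The same overlay trick works against an app's own confirmation controls, so the following added example (not taken from this page or from the repositories listed above) shows a hypothetical `ObscuredAwareButton` that drops touches while Android reports its window as covered by another window. It protects only views the app owns; the system permission dialog is outside an app's control.

```java
import android.content.Context;
import android.os.Build;
import android.util.AttributeSet;
import android.util.Log;
import android.view.MotionEvent;
import android.widget.Button;

/**
 * Hypothetical button for a sensitive action (confirm, pay, grant).
 * It refuses touches that arrive while another app's window is drawn over it.
 */
public class ObscuredAwareButton extends Button {

    private static final String TAG = "ObscuredAwareButton"; // assumed log tag

    public ObscuredAwareButton(Context context, AttributeSet attrs) {
        super(context, attrs);
        // Framework filter: discard touches when a visible window from another
        // app covers this view at the touch location.
        setFilterTouchesWhenObscured(true);
    }

    @Override
    public boolean onFilterTouchEventForSecurity(MotionEvent event) {
        int flags = event.getFlags();
        boolean obscured = (flags & MotionEvent.FLAG_WINDOW_IS_OBSCURED) != 0;

        // API 29+ also reports overlays that cover part of the window without
        // covering the touch point itself, e.g. an overlay that hides only the
        // explanatory text and leaves the button visible.
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q) {
            obscured |= (flags & MotionEvent.FLAG_WINDOW_IS_PARTIALLY_OBSCURED) != 0;
        }

        if (obscured) {
            if (event.getAction() == MotionEvent.ACTION_DOWN) {
                Log.w(TAG, "Touch dropped: window is obscured by an overlay");
            }
            return false; // false = do not dispatch this event to the view
        }
        return super.onFilterTouchEventForSecurity(event);
    }
}
```

The partial-obscured check matters for the scenario described here, because the overlay hides the text block rather than the button the user taps.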