Friday, September 3, 2010

Tapjacking: A Recent Vulnerability for Smart Phones

I survived my first week of classes and thought I would share something interesting that pertains to smart phones.
First, here is a video from cnet that demonstrates what clickjacking is, which is the basis for tapjacking.

Now that you have an understanding of what clickjacking (also known on facebook as likejacking), the same principals are applied to smart phones, such as the iPhone, Blackberry, et al.  This is the only video I can find on tapjacking.

I've got to give credit to the ingenuity of the people who come up with this stuff, although it's not nice things they're doing with these hacks.  If anyone has more info on tapjacking, post in the comments section.

If you found this post interesting, follow and bookmark this blog.  Don't forget to share this with friends using the share buttons below.

See you next post


  1. Thank you, Bill! I understood the first video but wasnt very clear with the second one. Question: When the camera turns on it gives me a green light which means I am on air. So, when its tapjacked I would be able to see the green light and would wonder why my webcam is on, right? Or, of course, they have it so coded that I don't see the green light and I am still on air. Hmmm, I think I am going to cover my webcam with a tape. miio_oiim

  2. Hi miio_oiim! Thanks for the comment. I would have to assume that if you were clickjacked and the code was to turn your camera on, the green light would be visible.

    Tapjacking pertains only to smart cell phones, so when you tap your finger or a stylus on a link in your phone's web browser, it could send you a twitter account, as the video showed. I could also guess that if your phone has video capabilities, a hacker could turn on the cam by tapjacking. I'll have to look into this.