A new proof-of-concept malware targeting touchscreen devices shows a potential security threat in which user finger swipes could be used to see exactly how consumers interact with their devices, according to security firm Trustwave.
Specifically, the malware is able to log the X and Y coordinates of touch swipes on a device, along with capturing screenshots to help record touch coordinates. The proof-of-concept also allows the cyber criminal to only capture screenshots when a user enters a specific app, and a full demonstration and disclosure will be made at the RSA security conference next month.
"The more interesting thing is, if you get a screenshot and then overlay the touch events, you're looking at a screenshot of what the user is seeing, combined with dots, sequentially, where the user is touching the screen," according to Neal Hindocha, Trustwave senior security consultant.
It seems if this security threat hit the wild, it would be used against specific targeted users and companies, and won't end up becoming a widespread threat to the average smartphone or tablet user.