TapTrap Attack: Users Struggle to Detect Stealthy Permission Grabs
2025-07-23
A user study with 20 participants evaluated the detectability of TapTrap attacks during typical app interactions. Participants played KillTheBugs, a game embedding three TapTrap scenarios targeting location, camera, and device admin permissions. They played twice: once blind, once informed of potential attacks. Results showed low detection rates, even with visible indicators like a camera icon (only 4/20 noticed it initially). Location and device admin attacks went largely unnoticed even after being warned. The study highlights TapTrap's stealth and the need for improved security indicators.
Read more
Tech
user study