TapTrap: Animation-Driven Tapjacking on Android

Philipp Beer

34th USENIX Security Symposium (USENIX Security '25) · Day 2 · Web and Mobile Security

This talk introduces **TapTrap**, a novel and highly stealthy tapjacking attack vector on Android that leverages custom activity entry animations to manipulate user input. Presented by Philipp Beer, a PhD student at TU Wien, this research uncovers a fundamental flaw in how Android handles activity transitions, allowing a malicious application to render a victim activity transparent or scaled while it remains at the top of the activity stack and receives all user touches. Unlike traditional tapjacking attacks that rely on visible overlays, TapTrap operates by making the victim activity itself invisible, effectively bypassing existing Android mitigations designed to detect and prevent overlay-based attacks.

AI review

Solid, original mobile security research that identifies a genuinely novel bypass of Android's entire tapjacking mitigation architecture. The attack surface — custom entry animations in same-task transitions — is specific, technically grounded, and the 76% Play Store exposure rate with a confirmed user study where even warned participants couldn't detect the attack makes this real, not theoretical.
