COMPUTER SCIENCE
and ENGINEERING

Nowadays during the distributing and downloading of Android application packages, it is always be vulnerable to download hijacking attacks. Traffic analysis could be used by sites to detect if they are under this kind of regular download hijacking attacks. Unlike the regular ones, the stealth download hijacking attacks cannot be discovered by using such a method. By studying in an actual case, this paper presents a vulnerability of android application package download hijacking, which can be exploited to implement a stealth download hijacking by deploying bypass devices. And the victim sites can hardly notice it by using current methods. The cause, influence and mechanism of the exploit are discussed in this paper, and we also strive to give a solution for it.