Hack Brief: Patch Your Android Phone To Block An Evil ‘Toast’ Attack | WIRED
MODERN SMARTPHONES TAKE pains to “sandbox” apps, keeping them carefully segregated so that no mischievous program can meddle in another app’s sensitive business. But security researchers have found an unexpected feature of Android that can surreptitiously grant an app the permission to not merely reach outside its sandbox but fully redraw the phone’s screen while another part of the operating system is running, tricking users into tapping on fake buttons that can have unexpected consequences. And while that hijacking of your finger inputs isn’t a new feat for Android hackers, a fresh tweak on the attack makes it easier than ever to pull off.
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.