Comment on Hackers can steal 2FA codes and private messages from Android phones

<- View Parent
NaibofTabr@infosec.pub ⁨2⁩ ⁨days⁩ ago

Normally I would agree with this perspective, but in this case the “malicious app” is just a demo. It requires no permissions to do the malicious behavior, which means that the relevant code could be included in any app and wouldn’t trigger a user approval, a permissions request or a security alert. This could be hiding in anything that you install.

source
Sort:hotnewtop