There are zero details on what this actually was and what it actually did, and whether it was an actual exploit that escaped the sandbox, or if it tricked users into granting it privileges via extensive permissions such as accessibility.

Is there a better source for this? My money says it's yet another "Android malware" that just relies on the user being tricked into giving it power.

  • de0u replied to this.

    Graphene1 Any thoughts from the community on this article?

    • Installing lots of apps, especially dodgy ones, increases risk.
    • None of the apps were open-source (this time?)

      de0u Might as well happen to FOSS software, although probably less likely.

        • [deleted]

        Eirikr70 with IzzyOnDroid or LibChecker you have an idea which libs the app is using.

          [deleted] I think it wouldn't help me that much
          1- I wouldn't check all the libs,
          2- I wouldn't know the risk level of each lib.
          Anyway, I suppose FOSS software are less subject to using crappy libraries, since those libraries should be open source.