• Margot RobbieOPM
    link
    English
    111 year ago

    A bunch of malicious crypto apps with hidden malware that overlays over legitimate crypto wallets to steal credentials. Technique looks very sophisticated based on the article’s breakdown.

    • @kvothelu
      link
      English
      41 year ago

      you have to specifically give permission to overlay. I never give overlay permission even to most popular apps.

      • Margot RobbieOPM
        link
        English
        61 year ago

        It seems like they ask for accessibility permissions first, and exploits that to automatically click “accept” and grant itself other permissions, which I assume overlay is one of them.

        • @ngwoo
          link
          English
          11 year ago

          This dumb shit is why Google keeps crippling the accessibility API more and more. Idiots need to stop clicking on stuff just because the app asks them to.