Palo Alto Networks Unit 42 researchers have uncovered a high severity vulnerability in the Android overlay system, which allows a new Android overlay attack by using the “Toast type” overlay. All Android devices with OS version < 8.0 are affected by this vulnerability and patches are available as part of the September 2017 Android Security Bulletin. Android 8.0 was just released and is unaffected by this vulnerability. Because Android 8.0 is recent, this vulnerability affects nearly all Android devices currently in the market (see Table 1) and users should apply updates as soon as possible.
- ToastAmigo Malware Uses New Twist to Attack Toast Overlay Vulnerability Digest Article
- Google Awards Record $112,500 Bounty for Android Exploit Chain Digest Article
- Janus Vulnerability Allows Android App Takeover Digest Article
- Monero-Mining HiddenMiner Android Malware Can Potentially Cause Device Failure Digest Article
- Android Users: To Avoid Malware, Try the F-Droid App Store Digest Article