Android malware steals user credentials using optical character recognition - eviltoast
  • eroc1990@lemmy.parastor.net
    link
    fedilink
    English
    arrow-up
    17
    ·
    1 year ago

    Most integrated password managers should thwart this assuming the user doesn’t reveal their passwords, though. The only thing in plaintext that would be visible would be the username. Of course, this assumes that OCR is their only vector.

    • Chozo@kbin.social
      link
      fedilink
      arrow-up
      9
      ·
      1 year ago

      If the password is being manually typed by the user, you could still theoretically use OCR against the keyboard inputs updating as the user taps each key, since most keyboards will highlight the selected key in some way.

      • okbuddyretard@kbin.social
        link
        fedilink
        arrow-up
        5
        arrow-down
        3
        ·
        1 year ago

        @Chozo That’s exactly why we should pick our mobile keyboards wisely lmao. Also regarding that, there are alot of open-source keyboards on F-Droid.