Android malware steals user credentials using optical character recognition - eviltoast
  • kvothelu@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    you have to specifically give permission to overlay. I never give overlay permission even to most popular apps.

    • Margot Robbie@lemmy.worldOPM
      link
      fedilink
      English
      arrow-up
      6
      ·
      1 year ago

      It seems like they ask for accessibility permissions first, and exploits that to automatically click “accept” and grant itself other permissions, which I assume overlay is one of them.

      • ngwoo@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        This dumb shit is why Google keeps crippling the accessibility API more and more. Idiots need to stop clicking on stuff just because the app asks them to.