Copy+paste crew rip off white hat proof-of-concepts and make them dangerously real. Symantec engineer Dinesh Venkatesan says malware writers have one up on Google with the pillaging of a keystone trick that permits attacks on Android Marshmallow. The method was extracted from white hat proof-of-concept works published initially to show how malware could extract credentials from Android apps. It allows malware to determine the running apps on a device and relies on social engineering users.
View full story
ORIGINAL SOURCE: The Register
