Password managers can be tricked into believing that malicious Android apps are legitimate

Discussion in 'mobile device security' started by guest, Sep 26, 2018.

  1. guest

    guest Guest

    Password managers can be tricked into believing that malicious Android apps are legitimate
    Password managers from Keeper, Dashlane, LastPass, and 1Password found to be vulnerable, study finds
    September 26, 2018
    https://www.zdnet.com/article/passw...g-that-malicious-android-apps-are-legitimate/
    Research: "Phishing Attacks on Modern Android" (PDF): http://www.s3.eurecom.fr/~yanick/publications/2018_ccs_phishing.pdf
     
    guest, Sep 26, 2018
    #1
  2. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,642
    Location:
    USA
    This is why I don't use my phone for much of anything but a phone.
     
    xxJackxx, Sep 28, 2018
    #2
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    Yes, Android is full of security holes. I think it's a dumb idea to shift important services to mobile phones.
     
    Rasheed187, Sep 29, 2018
    #3
  4. 142395

    142395 Guest

    Just as a note, when autofill is firstly activated to any new app it gives a small popup. This should mitigate actual risk to some extent, especially when the form is invisible. But I don't use autofill.
     
    142395, Sep 29, 2018
    #4
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...