Threat actors carry out the operation specifically while the password manager is trying to autofill login credentials.
In a presentation at the Black Hat Europe security conference, the researchers revealed that the majority of Android password managers are susceptible to AutoSpill even in the absence of JavaScript injection.
How AutoSpill Works
Android apps frequently use WebView to render web content, including login pages, within the app rather than redirecting users to the main browser, which would be more challenging on small-screen devices.
Android password managers use the platform's WebView component to automatically enter a user's account information when an app loads the login page for services like Apple, Facebook, Microsoft, or Google.
According to the researchers, it is possible to exploit vulnerabilities in this process to obtain the auto-filled credentials on the app that is being invoked.
The researche
[…]