> That the app does not require permissions is the notable bit here. The article... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		autoexec 5 months ago \| parent \| context \| favorite \| on: Hackers can steal 2FA codes and private messages f... > That the app does not require permissions is the notable bit here. The article mentions that "the attacker renders something transparent in front of the target app". I would have thought that sort of thing would require the "appear on top" permission.

SoftTalker 5 months ago [–]

This sounds like a trick I read about years ago. Disappointing if it hasn’t been fixed.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact