AutoSpill attack steals credentials from Android password managers

Security researchers created a brand-new exploit to steal Android account credentials while autofilling, which they called AutoSpill.

Researchers from the International Institute of Information Technology (IIIT) in Hyderabad stated during a presentation at the Black Hat Europe security conference that their testing revealed that the majority of Android password managers are susceptible to AutoSpill even in the absence of JavaScript injection.

Android apps frequently render web content, like login pages, within the app using WebView controls rather than sending users to the main browser, which would be more difficult on devices with small screens.

Android password managers automatically enter a user’s account information when an app loads the login page for services like Apple, Facebook, Microsoft, or Google read more AutoSpill attack steals credentials from Android password managers.

Get up to date on the latest cybersecurity news and enhance your knowledge of cybersecurity with our thorough coverage of the dangers, breaches, and solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *