Mobile Android cryptocurrency wallet users are at risk for hacking because of a new vulnerability that allows the MediaProjection service to capture the user’s screen and audio content. More than three-quarters of all Android users are at risk, as the bug affects the Lollipop, Marshmallow and Nougat platforms.

Google has accidentally created the risk, since the release of Lollipop 5.0. Prior to this release, the MediaProjection functionality was only available to system-level applications and through release keys. All new systems since have been vulnerable to this type of data attack.

Popup coverup

Apparently, when a hacker seeks to start recording screen information, a popup will appear, informing the user. However, hackers are able to cover that popup with a second popup in a process called ‘tapjacking.’ According to experts on the topic:

"Furthermore, the SystemUI pop-up is the only access control mechanism available that prevents the abuse of the MediaProjection service. An attacker could trivially bypass this mechanism by using tapjacking this pop-up using publicly known methods to grant their applications the ability to capture the user’s screen.”

Google has offered a patch in the Oreo (8.0) version, but all previous versions are at risk. Cryptocurrency users who access private wallets on mobile devices could very easily have their wallets hacked via this system and are encouraged to upgrade to the latest system for protection.