Palo Alto Networks has warned Android users - pretty much all of them - that unless they're running the latest, Android Oreo, version of the operating system they could be vulnerable to an attack that could tricks them into downloading malware.
Palo Alto claims that the method of attack is a so-called "overlay attack", adding that this is a method that is rather out of fashion these days due to improved operating system security. However, when measures are bypassed, they can be very effective.
"Overlay attacks have not been reckoned as a serious threat for a while now as there were always two significant hurdles the attacker needed to overcome to be successful. However, Unit 42 has uncovered that these mitigating factors can be in fact be bypassed," it said.
When the malware is installed and where it does manage to bypass protection systems, it can wreak havoc, and the company advises that punters only take their apps from the official Google Play store.
"Our Unit 42 research shows that there is a way to carry out overlay attacks where these mitigating factors don't apply. If a malicious app were to utilize this new vulnerability, our researchers have found it could carry out an overlay attack simply by being installed on the device.
"In particular, this means that malicious apps from websites and app stores other than Google Play can carry out overlay attacks," explained the firm.
"It's important to note that apps from websites and app stores other than Google Play form a significant source of Android malware worldwide. The particular vulnerability in question affects an Android feature known as 'Toast.'
"'Toast' is a type of notification window that 'pops' (like toast) on the screen. 'Toast' is typically used to display messages and notifications over other apps."
The most up to date version of Android is protected against the threat, but Palo Alto said that it was "critical" that anyone on Android 8.0 installs all the latest updates for their device.
MWR's Countercept platform and phishd technologies key to F-Secure acquisition
Brexit labour shortages will lead to higher adoption of robotics
Newbies will be thrown in with the big boys on Sanhok as Kar98 fodder
Data is the perfect intersection of logic and emotion