\u00a0Sign up for my FREE CyberGuy Report<\/strong> NEW GOOGLE AI MAKES ROBOTS SMARTER WITHOUT THE CLOUD<\/strong><\/a><\/p>\n A person holding an Android phone\u00a0(Kurt “CyberGuy” Knutsson) \u00a0 \u00a0\u00a0 <\/p>\n How the TapTrap Android exploit tricks you into granting permissions<\/strong><\/p>\n As reported by Bleeping Computer, TapTrap takes advantage of how Android<\/a> handles activity transitions between apps. A malicious app can launch a system-level screen using the standard start Activity function but modify how the screen appears using a custom animation. By setting both the start and end opacity to a very low value, such as 0.01, the activity becomes nearly invisible to the user.<\/p>\n Touch input is still fully registered by the transparent screen, even though users only see the visible app underneath. Attackers can also apply a scaling animation that enlarges a specific user interface element, such as a permission button, so that it fills the screen. This increases the chance that a user will unknowingly tap the button.<\/p>\n WHAT IS ARTIFICIAL INTELLIGENCE (AI)?<\/strong><\/a><\/p>\n The researchers released a video showing how this technique could be used in a gaming app to quietly launch a Chrome browser permission prompt. The prompt asks for camera access, and the user taps “Allow” without realizing what they have done. Because the malicious screen is transparent, there are no visual cues to suggest anything suspicious is happening.<\/p>\n Image of an Android phone\u00a0(Kurt “CyberGuy” Knutsson) \u00a0 <\/p>\n Why 76% of Android apps are vulnerable to TapTrap<\/strong><\/p>\n To assess how widespread the vulnerability might be, the researchers tested nearly 100,000 apps from the Play Store. About 76% were found to be potentially vulnerable, not because they are malicious, but because they lack key safeguards. These apps had at least one screen that could be launched by another app, shared the same task stack, failed to override the default transition animation, and did not block user input during the transition.<\/p>\n Android enables these animations by default. Users can only disable them through settings that are typically hidden, such as Developer Options or Accessibility menus. Even the latest Android version, tested on a Google Pixel 8a, remains unprotected against this exploit.<\/p>\n GrapheneOS, a security-focused operating system<\/a> based on Android, confirmed that its current version is also affected. However, it plans to release a fix in its next update.<\/p>\n GET FOX BUSINESS ON THE GO BY CLICKING HERE<\/strong><\/a><\/p>\n Google has acknowledged the issue and said a future Android update will contain a mitigation. While no exact timeline has been announced, Google is expected to change how input and animations are handled to prevent invisible tap interception.<\/p>\n The company added that developers must follow strict Play Store policies and that any app found abusing this vulnerability will face enforcement actions.\u00a0<\/p>\n A person holding an Android phone\u00a0(Kurt “CyberGuy” Knutsson) \u00a0 \u00a0\u00a0 <\/p>\n 4 ways you can stay safe from TapTrap attack<\/strong><\/p>\n 1) Consider a mobile security app:\u00a0<\/strong>Use a trusted antivirus or mobile security app that can detect suspicious behavior or alert you to apps using overlays or accessibility features improperly.<\/p>\n Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at\u00a0CyberGuy.com\/LockUpYourTech<\/strong><\/p>\n 2) Be selective about the apps you install:\u00a0<\/strong>Avoid installing apps just because they\u2019re trending or have flashy ads. Check developer credibility, recent reviews and app permissions before downloading.<\/p>\n 3) Stick to the Google Play Store:\u00a0<\/strong>While not perfect, the Play Store has better safeguards than random APK sources. Avoid installing apps from third-party stores or unknown websites.<\/p>\n 4) Pause before granting permissions:\u00a0<\/strong>If an app suddenly asks for access to your camera, microphone, or other sensitive features, take a moment. Always ask yourself if this app really needs this permission right now.<\/p>\n Kurt\u2019s key takeaway<\/strong><\/p>\n TapTrap shows that security threats<\/a> do not always come from complex code or aggressive malware. Sometimes, small oversights in visual behavior can open paths for serious abuse. In this case, the danger lies in what users do not see. People trust what they can see on their screens. This attack breaks that link by creating a visual mismatch between intent and outcome.<\/p>\n CLICK HERE TO GET THE FOX NEWS APP<\/strong><\/a><\/p>\n Do you trust the apps you install from the Play Store, or do you dig deeper before downloading? Let us know by writing us at\u00a0Cyberguy.com\/Contact<\/strong><\/p>\n Sign up for my FREE CyberGuy Report<\/strong> Copyright 2025 CyberGuy.com.\u00a0 All rights reserved.<\/p>\n Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt\u2019s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"NEWYou can now listen to Fox News articles! A team of academic researchers has uncovered a new Android…\n","protected":false},"author":3,"featured_media":81002,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17],"tags":[611,158,67,132,68],"class_list":{"0":"post-81001","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-mobile","8":"tag-mobile","9":"tag-technology","10":"tag-united-states","11":"tag-unitedstates","12":"tag-us"},"share_on_mastodon":{"url":"https:\/\/pubeurope.com\/@us\/114892076726206691","error":""},"_links":{"self":[{"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/posts\/81001","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/comments?post=81001"}],"version-history":[{"count":0,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/posts\/81001\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/media\/81002"}],"wp:attachment":[{"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/media?parent=81001"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/categories?post=81001"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/tags?post=81001"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you\u2019ll get instant access to my Ultimate Scam Survival Guide – free when you join my\u00a0CYBERGUY.COM\/NEWSLETTER<\/strong><\/p>\n![\"A](\"https:\/\/www.europesays.com\/us\/wp-content\/uploads\/2025\/07\/1-new-android-attack-tricks-you-into-giving-dangerous-permissions-intro.jpg\")
<\/p>\n![\"Image](\"https:\/\/www.europesays.com\/us\/wp-content\/uploads\/2025\/07\/2-new-android-attack-tricks-you-into-giving-dangerous-permissions-body.jpg\")
<\/p>\n![\"A](\"https:\/\/www.europesays.com\/us\/wp-content\/uploads\/2025\/07\/3-new-android-attack-tricks-you-into-giving-dangerous-permissions-outro.jpg\")
<\/p>\n
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you\u2019ll get instant access to my Ultimate Scam Survival Guide – free when you join my\u00a0CYBERGUY.COM\/NEWSLETTER<\/strong>\u00a0<\/p>\n