In recent, researchers have discovered a new vulnerability “Cloak & Dagger” in android devices that affect version up to Android 7.1.2. The exploit allows a hacker to install malicious software such as keyloggers inside your device and even the exploit needs two permissions to work, the ‘draw on top’ permission and the ‘accessibility’ permission.
The exploit is even dangerous because Android grants the permission ‘draw on top’ automatically to apps installed from Google Play Store and the apps can easily trick inexperienced users into granting ‘accessibility’ permissions.
Even the exploit trick users into tapping on malicious things like keyloggers and others which leads to keystroke recording, phishing, click-jacking and silent installation of app (with all permission enabled).
Google is aware of the problem and they have updated the new ‘Play Protect feature’ to detect and reject such apps. It has been pointed out that users should be careful when installing apps and always check permissions before installing apps.