This talk explores how attackers exploit the Android Runtime Resource Overlay (RRO) mechanism to dynamically alter application resources. By overriding resources at runtime, malicious actors can change an app’s appearance and behavior on the fly, manipulating the user experience to trick users into unintended actions.
The session also analyzes the specific security risks for app developers and highlights effective mitigation strategies to defend against these attacks.