MODERN SMARTPHONES TAKE pains to “sandbox” apps, keeping them carefully segregated so that no mischievous program can meddle in another app’s sensitive business. But security researchers have found an unexpected feature of Android that can surreptitiously grant an app the permission to not merely reach outside its sandbox but fully redraw the phone’s screen while another part of the operating system is running, tricking users into tapping on fake buttons that can have unexpected consequences. And while that hijacking of your finger inputs isn’t a new feat for Android hackers, a fresh tweak on the attack makes it easier than ever to pull off.

The Hack

On Thursday researchers at Palo Alto networks warned in a blog post that users should rush to patch their Android phones against what they’re calling a “toast overlay” attack: For all versions of Android other than the recently released Oreo, they describe how users can be tricked into installing a piece of malware that can overlay images atop other apps and elements of the phone’s controls and settings. It could, for instance, insert a picture of an innocent “continue installation” or mere “OK” button over another hidden button that invisibly gives the malware more privileges in the phone’s operating system or silently installs a rogue app—or it could simply take over the screen and lock the user out of all other parts of the phone in a form of ransomware.

“They can make it look like you’re touching one thing when you’re touching another,” says Palo Alto researcher Ryan Olson. “All they have to do is put an overlay a button over ‘activate this app to be a device admin’ and they’ve tricked you into giving them control of your device.”

Android overlay attacks have existed for almost as long as Android itself. But despite repeated efforts from Android’s developers at Google to fix the problem, another version of the overlay attack was presented earlier this year at the Black Hat security conference. That new attack, known as Cloak and Dagger, took advantage of two features of Android to make overlay attacks possible again: One that’s called SYSTEM_ALERT_WINDOW designed to allow apps to display alerts and another known as BIND_ACCESSIBILITY_SERVICE that allows apps for disabled users such as the seeing-impaired to manipulate other apps, magnifying their text or reading it aloud. Any malware that performs the Cloak and Dagger attack would need to ask the user’s permission for those features when it’s installed, and the system alert feature is only allowed in apps inside the Google Play store.

The toast overly attack takes Cloak and Dagger one step further, the Palo Alto researchers say. They found that they could hijack the accessibility feature to perform a specific form of overlay using so-called “toast” notifications that pop up and fill the screen, with no need for the system alert permission. That tweak not only reduces the permissions that the user must be tricked into granting but also means the malware could be distributed from outside the Google Play store, where it wouldn’t be subject to Google’s security checks.

When WIRED reached out to Google about the attack, a spokesperson declined to comment but noted that Google released a patch for the problem Tuesday.

Who’s Affected?

Every version of Android prior to Oreo is vulnerable to the new version of the overlay attack, according to Palo Alto—unless you’ve already installed Google’s patch. (Thanks to the complexities of Android’s entanglements with carriers and handset manufacturers, you most likely haven’t.)

The most recent version of Android prior to Oreo does have a safeguard that only allows toast notifications to be displayed for 3.5 seconds. But that can be circumvented by putting the notification on a repeated, timed loop. “If you do it over and over and over, you can create a continuous overlay that’s not visible to the user as changing,” Olson says.

How Serious is This?

While Palo Alto calls its toast overlay method a “high severity vulnerability,” it’s not exactly cause for panic. Palo Alto notes that it has yet to see the attack used in the wild. And users would have to make a series of mistakes (albeit forgivable ones) before the attack can wreak its havoc: You’d have to first install the malware that’s equipped with the method after it already snuck into the Play store—or you made the less forgivable mistake of installing it from a source outside Play—and then grant it “accessibility” permissions before it could start popping up its deceptive toast notifications.

But that doesn’t mean the toast overlay attack isn’t worth a quick update to fix: Better to patch your phone’s operating system now than worry about malicious toast seizing its screen for ransom.