Hackers can steal 2FA codes and private messages from Android phones! Researchers discovered a new Android side-channel that defeats app isolation. By installing a malicious app, an attacker can directly see what other apps display, for instance 2FA codes or Seed phrases! The exploit uses Android APIs and a hardware side channel present on nearly all modern devices. Google has declined to fix this, resolving the report as “Won’t fix (Infeasible).” If you show sensitive data on your screen, you risk losing all your crypto. Simply don't use your phone to secure your crypto. Use a hardware wallet!(Vladimir S. | Officer's Notes)