Cloak & Dagger

There is a new vulnerability for which Android device users must be alert. The vulnerability is known as 'Cloak & Dagger', allows a hacker to take complete control of a someone else mobile device and affects even the latest versions of Google's operating system.
TechCrunch tells Cloak & Dagger to take advantage of specific permissions that do not notify users of apps on the official Google Store, the Play Store.
It seems one of these permissions is the ability to open a small window over another app to be used or a transparent object with which the user can interact.

Cloak & Dagger
The vulnerability allows to track user activity on your smartphone, making it easy to enter PIN code, 2-step authentication, data and password theft, and even take remote control of the entire device.
Google has already expressed this vulnerability in its operating system:
"We have been in contact with the investigators and, as always, we appreciate their efforts to help keep users safe. We've upgraded Google Play Protect, our security services on all Android devices with Google Play, to detect and prevent the installation of these applications. Before this report we had already built new security protections on Android which will further strengthen our protection from these issues going forward. "