From a quick glance of the paper this attack seems to exploit any app that has the necessary privilege.
My guess is even stock Android has to have at least some of these priviledged apps, but the more you have the greater the risk.
- On the matter of shooting down Amazon delivery drones with shotguns
- OHM MY GOD! Move over graphene, here comes '100% PERFECT' stanene
- Lightning strikes USB bosses: Next-gen jacks will be REVERSIBLE
- Google's new cloud CRUSHES Amazon in RAM battle
- Beijing leans on Microsoft to maintain Windows XP support