Summary: Google has introduced a new feature called Identity Check for Android devices, requiring biometric authentication for accessing sensitive settings outside of trusted locations. This feature aims to enhance security for Google Accounts and prevent unauthorized access. It is currently available on select Pixel and Samsung Galaxy devices running the latest software updates.
Threat Actor: Malicious Chrome Extension Developer | malicious Chrome extension developer
Victim: Various Organizations | various organizations
Keypoints :
- Identity Check locks sensitive settings behind biometric authentication when outside trusted locations.
- Biometric authentication is required for actions like accessing saved passwords, changing screen locks, and running factory resets.
- A spear-phishing campaign has targeted Chrome extension developers, leading to the compromise of legitimate extensions to harvest sensitive data.
Source: https://thehackernews.com/2025/01/androids-new-identity-check-feature.html