A newly discovered Android vulnerability is actively exploited by malware such as the BankBot banking Trojan. The new vulnerability was named StrandHogg and it can be exploited without the need of rooting the device. Once exploited, it allows malicious apps to camouflage as almost any legitimate app. The vulnerability affects all versions of the operating system up to and including Android 10. Google has not yet fixed the issue on any version of Android thus directly exposing any Android users to malware designed to abuse it. There is no reliable method of detecting if StranderHogg was exploited on an Android device and there is no way to block such an attack.
Source: https://www.bleepingcomputer.com/news/security/actively-exploited-strandhogg-vulnerability-affects-android-os/