Researchers have discovered a way to target a huge number of Android and iOS apps that could allow them to remotely sign into any victim’s mobile app account without any knowledge of the victim. Hundreds of popular US and Chinese Android apps with a total of over 2.4 Billion downloads that are vulnerable to this issue. Researchers estimate that over a Billion different mobile app accounts are at risk of being hijacked with their attack. The researchers did not test their exploits on iPhones, but they believed that their attack would work on any vulnerable app sitting on Apple’s iOS mobile operating system.
Source: https://thehackernews.com/2016/11/android-oauth-hacking.html