Preface: Blackhat conference held 3rd to 6th December 2018 in London. A topic awaken people bring attention to the smartphone security awareness especially Android OS.
Cyber security expert observe that a malform type of counterfeit apps spreading via watering hole websites and phishing emails. Targets were likely approached directly and encouraged to visit the malicious websites to download the counterfeit apps.
Regarding to the Android Security Bulletin announce on December 2018. It looks that there are more vulnerabilities found. The Critical vulnerability found could let local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. For my personal point of view, the variant of surveillance malware so called Silverhawk. It will embedded with existing Android vulnerabilities engage the cyber attack. For more details, please refer to attached diagram for reference.
Reference: Blackhat conference presentation – Electronic Army’s Mobile Tooling : https://i.blackhat.com/eu-18/Wed-Dec-5/eu-18-DelRosso-Under-the-SEA.pdf