← Back to brief
Policy SafetyOfficialPreprintarXiv Cryptography and Security

Mind the Gap: Action Rebinding Attacks against Android GUI Agents

Jul 16, 2026

Researchers have identified a novel cross-application 'Action Rebinding' attack that targets Android GUI agents powered by large multimodal models. This attack allows a malicious app with zero permissions to hijack the agent's execution, enabling privileged operations such as file deletion, SMS transmission, and app uninstallation. The attack exploits the observation-action gap in the agent's reasoning process and achieves a 100% success rate for atomic hijacking, while evading detection by commercial malware scanners.

Why it matters: This work exposes a fundamental security vulnerability in emerging high-privilege GUI agents on Android, revealing that current sandboxing and malware detection mechanisms are insufficient to prevent such attacks.

Full story at: arXiv Cryptography and Security

More coverage