New research presented at the DefCon event this weekend has shown that a core design feature of Android could be exploited to at least annoy and possibly defraud users. Trustwave's SpiderLabs head Nicholas Percoco warned that a standard Android API can not only push an app to the front and steal focus from another but disable the standard back button command. At the least, it could create pop-ups within an ad, but CNET saw examples of apps that would appear legitimate but quickly switch to a fake app to phish info.
