AutoSpill Attack Exposes Android Password Managers to Credential Theft

At the Black Hat Europe conference, researchers from the International Institute of Information Technology in Hyderabad revealed that most Android password managers are vulnerable to the AutoSpill attack, which allows credentials to be stolen during autofill operations.

How AutoSpill Works

Researchers explained that Android apps often use WebView to render web content, such as login pages, within the app instead of redirecting users to the main browser, a more cumbersome process on small screens. Android password managers also use the WebView framework to automatically enter user credentials when an app loads a login page for services like Apple, Microsoft, or Google.

According to the experts, even without JavaScript injection, weaknesses in this process can be exploited to intercept autofilled credentials. If JavaScript injection is possible, then all Android password managers become vulnerable to AutoSpill.

The root of the AutoSpill problem is that Android lacks defined rules for securely handling autofilled data, which can lead to leaks or interception by the host app. For example, a malicious app providing a login form can capture user credentials without leaving any trace of compromise.
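The defensive counterpart to the problem described above is for the password manager, not the host app, to decide whether a WebView login page may receive a credential. The following Kotlin sketch is an added illustration, not code from any of the password managers named on this page: it walks the autofill `AssistStructure`, collects the web domains reported by WebView nodes, and refuses to offer credentials unless the host package is known to be associated with every such domain. The `associatedDomains` map is an assumed, constructed lookup standing in for real Digital Asset Links verification.

```kotlin
import android.app.assist.AssistStructure
import android.os.CancellationSignal
import android.service.autofill.AutofillService
import android.service.autofill.FillCallback
import android.service.autofill.FillRequest

// Hypothetical autofill service illustrating the "check where the password
// is entered" mitigation. Not the code of any real password manager.
class GuardedAutofillService : AutofillService() {

    // Assumed/constructed: which web domains each host package is allowed to
    // present in a WebView. A real manager would derive this from verified
    // Digital Asset Links statements rather than a hard-coded map.
    private val associatedDomains: Map<String, Set<String>> = mapOf(
        "com.example.bank" to setOf("login.bank.example")   // constructed sample
    )

    override fun onFillRequest(
        request: FillRequest,
        cancellationSignal: CancellationSignal,
        callback: FillCallback
    ) {
        val structure = request.fillContexts.last().structure
        val hostPackage = structure.activityComponent.packageName
        val webDomains = collectWebDomains(structure)

        if (!hostMayReceiveCredentials(hostPackage, webDomains)) {
            // Host app is showing a WebView for a domain it cannot prove it
            // owns: offer no dataset at all. A production manager would warn
            // the user here instead of filling silently.
            callback.onSuccess(null)
            return
        }
        // Only at this point would datasets for hostPackage's own domain be built.
        callback.onSuccess(null)
    }

    // Credentials are offered only when every WebView domain in the request
    // belongs to the host package. A plain native form (no web domains) passes.
    fun hostMayReceiveCredentials(hostPackage: String, webDomains: Set<String>): Boolean {
        val allowed = associatedDomains[hostPackage].orEmpty()
        return webDomains.all { it in allowed }
    }

    // Gather every webDomain that WebView nodes report in the assist structure.
    private fun collectWebDomains(structure: AssistStructure): Set<String> {
        val found = mutableSetOf<String>()
        fun visit(node: AssistStructure.ViewNode) {
            node.webDomain?.let { found += it }
            for (i in 0 until node.childCount) visit(node.getChildAt(i))
        }
        for (i in 0 until structure.windowNodeCount) {
            visit(structure.getWindowNodeAt(i).rootViewNode)
        }
        return found
    }
}
```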

Test Results and Affected Password Managers

Researchers tested AutoSpill against several password managers on Android 10, 11, and 12, and found that 1Password 7.9.4, LastPass 5.11.0.9519, Enpass 6.8.2.666, Keeper 16.4.3.1048, and Keepass2Android 1.09c-r0 are vulnerable to these attacks. In contrast, Google Smart Lock 13.30.8.26 and Dashlane 6.2221.3 use a different autofill approach and do not pass sensitive data to the host app unless JavaScript injection is used.

Legend of the researchers' results table (the table itself is not reproduced here): U = username leak; P = password leak; X = attack does not work; ✓ = protected from AutoSpill.

Industry Response and Mitigation Efforts

The researchers reported their findings to software developers and the Android security team, along with suggestions for addressing the issue. While the report was acknowledged as valid, there are currently no public plans to fix the vulnerability.

Journalists from Bleeping Computer reached out to the developers of several vulnerable password managers and to Google for their responses.

  • 1Password stated they are already working on a fix for AutoSpill. They noted that while autofill is convenient, a malicious app installed on a device could trick users into autofilling credentials, and AutoSpill highlights this risk. “The autofill feature in 1Password is designed to require explicit user actions,” the company emphasized.
  • LastPass said they had already communicated with the researchers in 2022 and “concluded that this is a low-risk vulnerability due to the mechanisms required for exploitation.” They added, “To exploit this vulnerability, a malicious app must be installed on the target device, which already implies full compromise, or be able to execute code on the device. Even before the research results, LastPass had a pop-up warning when exploitation was detected. After reviewing the research, we made the warning more informative.”
  • Keeper developers also reported a similar warning and emphasized that users are prompted to confirm app binding before entering information. They also noted that exploiting the issue requires prior installation of a malicious app, making the attack more difficult.
  • Google provided the following comment: “WebView is used by Android developers for various purposes, including hosting login pages for their own services within apps. The [AutoSpill] issue is related to how password managers use the autofill API when interacting with WebView. We recommend third-party password managers be cautious about where passwords are entered, and we have best practices for working with WebView that we recommend all password managers follow. For example, when using Google Password Manager for autofill on Android, users receive a warning if they enter a password for a domain that Google believes may not belong to the host app, and the password is only filled in the appropriate field. Google implements server-side protections for logins via WebView.”

As of now, users are advised to be cautious when installing apps and to pay attention to warnings from their password managers, especially when using autofill features within apps.
