Key Information Vulnerability Description Vulnerability Type: Task Hijacking caused by Android Manifest Misconfiguration. Affected Application: Voice Changer - Sound Effects app (com.tuyangkeji.changevoice). Impact Scope: All Android versions prior to Android 11. Reproduction Steps 1. User downloads a malicious application. 2. User uses the malicious application. 3. User launches the victim application; however, the displayed activity is not the original app’s activity, but a phishing activity from the malicious app. 4. User mistakenly believes they are using the victim application, enters personal information or grants permissions, leading to information leakage or permission abuse. Principle Exploits the fact that most applications do not set the attribute, which defaults to the package name. The attacker sets the same value as the victim application, creating an identical task stack when launching the malicious activity. When the user opens the victim application, the malicious app’s task stack is actually launched, achieving task hijacking. Mitigation Measures Set the attribute for application activities in to , forcing all activities to use randomly generated task affinities. Alternatively, set within the tag to enforce this for all activities in the application. Attacker Code Example Video Proof of Concept Demonstrates the malicious program successfully hijacking the task; when the user launches the victim application, the malicious application is actually opened.