Although the two Android permissions -- SYSTEM_ALERT_WINDOW and BIND_ACCESSIBILITY_SERVICE -- have been separately abused to create redressing attacks and accessibility attacks, these previous cyberattacks never could ...