Security researchers which claimed earlier this year to have revealed serious vulnerabilities in the way Android stores fingerprint data have again stated warnings over the operating system.FireEye researchers Tao Wei and Zhang Yulong used a Black Hat conference in Las Vegas on Wednesday to outline new ways to attack Android devices to extract user fingerprints.In the attack outlined, victims' fingerprint data directly falls into a hackers hand.”This means that for the rest of the victim's life, the attacker can keep using the fingerprint data to do other malicious things”, Zhang said, singling out the Samsung Galaxy S5 and HTC One Max for criticism.Zhang noted that Apple's iPhone, which pioneered the modern fingerprint sensor, is “quite secure,” as it encrypts fingerprint data from the scanner.”Even if the attacker can directly read the sensor, without obtaining the crypto key, [the attacker] still cannot get the fingerprint image,” he said.In April, the pair showed how hackers merely need root-level access to Android to intercept the data. “If the attacker can break the kernel [the core of the Android operating system], although he cannot access the fingerprint data stored in the trusted zone, he can directly read the fingerprint sensor at any time. Every time you touch the fingerprint sensor, the attacker can steal your fingerprint,” Zhang was quoted saying to Forbes.At the time, a Samsung spokesperson told Forbes over email that it was investigating FireEye's claims.