I'd actually like to see a list of real world security incidents that occured on EOL android devices. Not out of date browsers. (Chrome can still be updated) but devices no longer getting OS security updates.. something tells me it's very very rarely if ever an actual issue in real life.
In the article it explains how Google and the ransomers are doing a cat and mouse thing. If your phone is not keeping up, that could definitely be an issue.
An anecdote, but I've never heard anybody from my social circles to have their phone hacked. I keep reading about all these holes, but somehow they don't seem to be widely exploited in the real world.
Plenty of people do it... And it doesn't actually backfire often - the worst that seems to happen is your phone will self-install unremovable adware if you visit the wrong website.
