Major Security Bug Called StrandHogg Discovered in All Android Versions

Promon says in its blog post that the StrandHogg vulnerability puts all of the 500 most popular Android apps at risk, and that 36 malicious apps exploiting it have already been identified.

Baptized StrandHogg, the flaw allows a malicious app to pose as a legitimate one, and the researchers say that every one of the 500 most popular apps on Android is affected.

The name StrandHogg sounds a bit like a posh school in Scotland, but it is in fact a flaw that lets attackers present a fake login page that appears to belong to a legitimate app.

The same trick works for permission prompts: a request that appears on screen under a legitimate app's name can grant the attacker access to the camera and microphone, let them read and send SMS messages, record phone conversations, obtain the device's location and GPS data, steal the contact list and call logs, and extract all files and photos stored on the compromised device.

The vulnerability was discovered by Promon security researchers, who named it StrandHogg; it can be exploited without root access on the device.

StrandHogg resides in Android's multitasking system, specifically the task affinity controls that decide which app's task an activity is displayed in. A malicious app installed on the device can use them to masquerade as any other app, including privileged system apps: when the user taps the legitimate icon, the attacker's activity is shown in its place. Anything the user types into that fake interface, such as login credentials, goes straight to the attacker. Promon writes: "Attackers are aware of the vulnerability and actively exploiting it to steal banking credentials and money".

According to the researchers, some of the identified malicious apps were also being distributed through several droppers and hostile downloader apps available on the Google Play Store.

In its report, the security firm adds that there is no reliable way to detect a StrandHogg exploit being abused on a device. "The potential impact of this could be unprecedented in terms of scale and the amount of damage caused because most apps are vulnerable by default and all Android versions are affected", says Promon CTO Tom Lysemose Hansen.

Even so, users may notice discrepancies while using their phones: apps asking them to log in again, permission pop-ups that do not name the requesting app, apps asking for permissions they do not need, typos and UI mistakes, and buttons that do not work or behave unexpectedly. Google has removed the dropper apps identified by Promon from the Play Store. There is currently no way to block the attack itself, so users should keep a close watch on the permissions an app requests.
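For an analyst with adb access to a suspect device, one practical check is the one end users cannot perform from the lock screen: inspect the task stack and flag any task whose affinity belongs to one package but contains an activity from another, which is exactly the state a StrandHogg-style task hijack produces. The script below is an added example, not code from Promon or the article; the sample dump is constructed here to resemble `adb shell dumpsys activity activities` output, and the `TaskRecord{... A=<affinity> ...}` and `Hist #n: ActivityRecord{... pkg/.Activity tNN}` line shapes it parses are assumptions about that format.

```python
import re

# Constructed sample resembling `adb shell dumpsys activity activities`.
# Task #42 has the bank app's affinity but its top activity comes from
# another package: the pattern a task hijack leaves behind.
SAMPLE_DUMPSYS = """\
ACTIVITY MANAGER ACTIVITIES (dumpsys activity activities)
Display #0 (activities from top to bottom):
  Stack #1: type=standard mode=fullscreen
    * TaskRecord{4c8a1f0 #42 A=com.example.bank U=0 StackId=1 sz=2}
      affinity=com.example.bank
      * Hist #1: ActivityRecord{9d2b3e7 u0 com.attacker.app/.FakeLoginActivity t42}
      * Hist #0: ActivityRecord{1a7f0c2 u0 com.example.bank/.MainActivity t42}
    * TaskRecord{b3e57a9 #41 A=com.android.settings U=0 StackId=1 sz=1}
      affinity=com.android.settings
      * Hist #0: ActivityRecord{5e1c2d8 u0 com.android.settings/.Settings t41}
"""

# Assumed line shapes (see lead-in): task header carries the affinity as A=...,
# each history entry names the activity as package/class and its task id.
TASK_RE = re.compile(r"\* TaskRecord\{\S+ #(?P<id>\d+) A=(?P<affinity>\S+) ")
ACT_RE = re.compile(
    r"\* Hist #(?P<idx>\d+): ActivityRecord\{\S+ u\d+ "
    r"(?P<pkg>[\w.]+)/(?P<cls>\S+) t(?P<task>\d+)\}"
)


def parse_tasks(dump):
    """Return {task_id: {"affinity": str, "activities": [(hist_idx, pkg, cls)]}}."""
    tasks = {}
    current = None
    for line in dump.splitlines():
        m = TASK_RE.search(line)
        if m:
            current = int(m.group("id"))
            tasks[current] = {"affinity": m.group("affinity"), "activities": []}
            continue
        m = ACT_RE.search(line)
        if m and current is not None:
            cls = m.group("cls")
            if cls.startswith("."):          # expand the shorthand ".Activity" form
                cls = m.group("pkg") + cls
            tasks[current]["activities"].append((int(m.group("idx")), m.group("pkg"), cls))
    return tasks


def find_hijacked_tasks(dump):
    """Flag tasks containing an activity whose package differs from the task affinity.

    The affinity defaults to the owning package, so a foreign package inside the
    task is a strong hijack indicator. It is not proof: apps can declare custom
    affinities, and some legitimately host another app's activity (e.g. a
    chooser), so treat each finding as a candidate for manual review.
    """
    findings = []
    for tid, task in parse_tasks(dump).items():
        foreign = [(pkg, cls) for _, pkg, cls in task["activities"] if pkg != task["affinity"]]
        if not foreign:
            continue
        # Assumption: the highest Hist index is the activity the user currently sees.
        top = max(task["activities"])
        findings.append({
            "task": tid,
            "affinity": task["affinity"],
            "foreign": foreign,
            "top_is_foreign": top[1] != task["affinity"],
        })
    return findings


if __name__ == "__main__":
    for f in find_hijacked_tasks(SAMPLE_DUMPSYS):
        state = "FOREGROUND" if f["top_is_foreign"] else "background"
        print(f"task #{f['task']} (affinity {f['affinity']}): foreign activities {f['foreign']} [{state}]")
```

On a real device, pipe `adb shell dumpsys activity activities` into `find_hijacked_tasks`; a foreign activity that is also on top of the task is the case where the user is looking at an impostor screen right now. Because Promon reports no reliable on-device detection, this is a triage aid for an analyst with a cable attached, not a user-facing defence.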

Penn State University researchers theoretically described aspects of this task-hijacking weakness back in 2015, and Promon notified Google of its discovery this summer. Google has yet to plug the hole, but says it is investigating ways to improve Google Play Protect's ability to protect users against similar issues.
