New Android malware poses as real apps to steal your information
This vulnerability has been named Strandhogg 2.0 and It was named after the Norse term for a hostile takeover.
This “bug” is known as the “evil twin” of a previously discovered bug of the same name, that was discovered only sixth months earlier by the same company.
Strandhogg 2.0 affects every device that runs Android 9.0 and earlier
This vulnerability will trick a victim into entering their password into a copy app whilst thinking it is a legitimate app. This malicious malware is also able to hijack app permissions to siphon off sensitive data from users accounts such as: photos, contacts and can also track a victim’s location in real time.
You can see why this malware would be considered to be so dangerous to users everywhere.
It has also been said that Strandhogg 2.0 is more dangerous than its predecessor because of its near indetectable nature.
Although Promon did say that to date there was no evidence that hackers had been using this bug in any active hacking campaigns as of yet.
Unfortunately, there is no safe way to detect an attack. They will have to wait for an attack to happen first.
Promon being concerned that the bug could be used yet, haven’t released any significant details about it, until the day that they are convinced of Google’s efforts to fix the bug, which has been labeled “critical”.
Google speaks up
Google says that it also has not to date seen any active use or exploitation of said bug.
Google’s spokesperson has said, “We appreciate the work of the researchers, and have released a fix for the issue they identified.”
The spokesperson then went on to explain that Google Play Protect which is an app screening service, that is built into all Android devices, will automatically block the apps that exploit the Strandhogg’s vulnerability.
The Strandhogg 2.0 doesn’t need permissions from Android to run, but it can and will hijack the permissions of other apps that already have the victim’s details and personal information by then triggering a permissions request to the victim.
Good news for the moment is that the risk to users is believed to be low, although not zero unfortunately.
Promon says users should update Android devices with the latest security updates and this should fix the vulnerability.
This content has been created as part of our freelancer relief programme. We are supporting journalists and freelance writers impacted by the economic slowdown caused by #lockdownlife.