Wednesday, 11 December 2019
Latest news
Main » StrandHogg flaw lets hackers hijack almost any Android phone

StrandHogg flaw lets hackers hijack almost any Android phone

05 December 2019

This security flaw affects all versions of Android, including Android 10, and according to researchers who have discovered it, "leaves most applications vulnerable to attacks", as malware uses multitasking to act.

Researchers have warned of a security flaw in Android that is being actively exploited to steal online banking logins. Further, Strandhogg could also allow the hackers to intercept the Global Positioning System to track the victim, make or record phone calls and even compromise the smartphone camera and microphone.

This malware was mainly used to go to banks in several countries, and withdraw money from bank accounts.

More news: SpaceX's Falcon Heavy rocket launches on first commercial flight

Running one of the best Android antivirus apps should protect you for the most part, especially if you download apps only from the Google Play Store and grant no apps permissions to download apps from anywhere else. "The industry analyst firm Gartner forecasts that by 2022, at least 50% of successful attacks against clickjacking and mobile apps could have been prevented using in-app protection". "This exploit is based on an Android control setting called "taskAffinity" which allows any app - including malicious ones - to freely assume any identity in the multitasking system they desire", researchers John Høegh-Omdal, Caner Kaya, and Markus Ottensmann of mobile security firm Promon said in a post explaining the weakness.

Victims can also be tricked into granting the malicious apps additional permissions, which then enable the apps to perform all manner of nefarious activities including intercepting texts and calls, and listening in via a phone's microphone.

According to Techradar, Google is aware of the vulnerability, having suspended applications that were identified as malicious. The time that the new threat has been around for is considerable, Bakken notes: " Consumers and app developers alike were exposed to various types of fraud as a result for four years.

More news: Prosecutors: More Charges Possible In Case Of Giuliani Associates Parnas, Fruman

How Strandhogg gets all permissions? . There's no effective way to block or detect the StrandHogg vulnerability on the device itself. Malicious apps were also able to serve fake login pages (phishing attack) inside these apps to further trick people into doling out their personal information. Lookout, a partner of Promon, also confirmed that they have identified 36 malicious apps exploiting the vulnerability. And since it has all the required permits, the app can do whatever they want without informing the users. "Additionally, we're continuing to investigate in order to improve Google Play Protect's ability to protect users against similar issues", Google told Arstechnica.

"The specific malware sample which Promon analyzed did not reside on Google Play but was installed through several dropper apps/hostile downloaders distributed on Google Play".

More news: Adam Sandler remembers his reaction to being fired from SNL

StrandHogg flaw lets hackers hijack almost any Android phone