Android owners should check right now that their devices are fully up to date with very latest security patches from Google. The alert comes after a shock new threat was unearthed by security experts which allows hackers to mimic genuine apps on devices in an attempt to steal personal data.
The terrifying vulnerability, dubbed Strandhogg 2.0, was found by the team at Promon who discovered that the malware could easily trick users into entering passwords and other details into apps they thought were fully legitimate.
Worst still, Strandhogg 2.0 is also capable of hijacking important app permissions. Once a malicious app is installed on a device, attackers could gain access to private SMS messages and photos, steal victims’ login credentials, track GPS movements, make and/or record phone conversations, and spy through a phone’s camera and microphone.
Explaining more, Tom Lysemose Hansen, CTO and founder of Promon said: “from our extensive research, we can see that StrandHogg 2.0 enables hackers to attack much more broadly while being far more difficult to detect. Attackers looking to exploit StrandHogg 2.0 will likely already be aware of the original StrandHogg vulnerability and the concern is that, when used together it becomes a powerful attack tool for malicious actors.
“Android users should update their devices to the latest firmware as soon as possible in order to protect themselves against attacks utilising StrandHogg 2.0.”
Due to the serious nature of the threat, which attacks phones running Android 9 and earlier, the security team informed Google before going public. This has given the US tech firm time to fix the critically-rated issue.
Promon CEO Gustaf Sahlman added: “We remain in constructive dialogue with Google, which has acknowledged the severity of StrandHogg 2.0 and is set to roll out a fix to the general public in May.
Promon has once again discovered a potentially catastrophic Android vulnerability, which thanks to our researchers will be fixed before it could be used by hackers to cause all sorts of distress for people and businesses around the world.”
Published at Thu, 28 May 2020 06:18:00 +0000