A New Android Bug Might Steal Your Data - Visualistan

    Social Items

A New Android Bug Might Steal Your Data

Attention Android users! A new bug called Strandhogg 2.0 has the ability to attack all Android devices operating on Android 9.0 and earlier.

According to the Norwegian security firm Promon, this bug is an 'evil twin' of another bug that has the same name. Strandhogg 2.0 works by tricking the victim into entering their passwords on a genuine app with a malicious overlay. It can also take over other app permissions to hijack other sensitive data like your contacts, photos, etc., and even your real-time location.

It is also found to be more dangerous than the one that came before it because detecting it is hard. However, there's no proof so far about it being used in any active hacking campaigns. There are no effective ways to detect its attack yet and with the bug being capable of being abused by hackers, Promon has not released any more details about the bug and awaits Google to fix the vulnerability of its OS regarding this.
Google has said that the company acknowledges and admires the work of researchers, and has also released a fix of the issue they found. Google's Play Protect, now restricts apps that exploit the bug's vulnerability.

The bug attacks on Android's multitasking system that allows user to switch between recently opened apps. It makes its way into the victim's device as a normal app and as soon as the victim opens the app, the malicious app hijacks it and replaces it with malicious content, for example, a fake login window. This app won't need any permission to operate either.

For now, the risk is low, but that doesn't mean it isn't there. The best thing to do would be to update your Android devices that have the latest security updates as soon as possible.

A New Android Bug Might Steal Your Data

A New Android Bug Might Steal Your Data

Attention Android users! A new bug called Strandhogg 2.0 has the ability to attack all Android devices operating on Android 9.0 and earlier.

According to the Norwegian security firm Promon, this bug is an 'evil twin' of another bug that has the same name. Strandhogg 2.0 works by tricking the victim into entering their passwords on a genuine app with a malicious overlay. It can also take over other app permissions to hijack other sensitive data like your contacts, photos, etc., and even your real-time location.

It is also found to be more dangerous than the one that came before it because detecting it is hard. However, there's no proof so far about it being used in any active hacking campaigns. There are no effective ways to detect its attack yet and with the bug being capable of being abused by hackers, Promon has not released any more details about the bug and awaits Google to fix the vulnerability of its OS regarding this.
Google has said that the company acknowledges and admires the work of researchers, and has also released a fix of the issue they found. Google's Play Protect, now restricts apps that exploit the bug's vulnerability.

The bug attacks on Android's multitasking system that allows user to switch between recently opened apps. It makes its way into the victim's device as a normal app and as soon as the victim opens the app, the malicious app hijacks it and replaces it with malicious content, for example, a fake login window. This app won't need any permission to operate either.

For now, the risk is low, but that doesn't mean it isn't there. The best thing to do would be to update your Android devices that have the latest security updates as soon as possible.

Related Post

Disqus Codes
  • To write a bold letter please use <strong></strong> or <b></b>
  • To write a italic letter please use <em></em> or <i></i>
  • To write a underline letter please use <u></u>
  • To write a strikethrought letter please use <strike></strike>
  • To write HTML code, please use <code></code> or <pre></pre> or <pre><code></code></pre>
    And use parse tool below to easy get the style.
Show Parser Box

strong em u strike
pre code pre code spoiler
embed

Subscribe Our Newsletter

Notifications

Disqus Logo