Promon security research has newly found a vulnerability in the Android Operating System, which could allow real-life malware to act as legit apps without the user's consent. In doing so, they could track or target any user without their knowledge. This harmful bug is known as “Strandhogg.” StrandHogg Vulnerability has successfully affected all versions of Android, including Android 10, which released in September. In a statement released by Promon states that the malware gangs have fully utilized the StrandHogg.
StrandHogg Vulnerability can enter any Android OS and can switch its processing method according to different applications. The vulnerability makes it easy for a malicious app to ask permission while acting as a legit app. The attack is designed as a "request permission method," in such cases, the hackers portray themselves as an official app and ask for permission from the user. The user naturally thinks that they are giving consent to a legit app, but the truth is they are allowing the hacker to go through their SMS, photos, GPS, etc. They also make a similar clone of your app so that when you click to open your legit app, a malicious version pops out on your screen.
Google has already taken a step to control and address StrandHogg Vulnerability and has removed all the potential harmful apps from Google Play. They have also updated their security that detects and blocks malicious apps. They have also formed a separate research team, who continuously investigate in StrandHogg Vulnerability to improve and protect Google Play from further harm. However, Security researcher Sean Wright states that the threat is pretty significant, and it is actively exploited. So, it is challenging to distinguish that something is wrong with a particular app.
However, for now, Google has successfully removed all the malicious apps, but in the future,those similar apps may reappear because StrandHogg Vulnerability is not entirely fixed. Therefore, it is better to be very cautious before installing any app and giving it any kind of permission to access your phone. You can also read reviews or do a web search about the app you want to install. At last, always install or update your apps through Google Play only.
What is StrandHogg Vulnerability?
StrandHogg Vulnerability can enter any Android OS and can switch its processing method according to different applications. The vulnerability makes it easy for a malicious app to ask permission while acting as a legit app. The attack is designed as a "request permission method," in such cases, the hackers portray themselves as an official app and ask for permission from the user. The user naturally thinks that they are giving consent to a legit app, but the truth is they are allowing the hacker to go through their SMS, photos, GPS, etc. They also make a similar clone of your app so that when you click to open your legit app, a malicious version pops out on your screen.
Effects of StrandHoggVulnerability.
1. Listen through microphone
The hacker can easily hack your phone’s microphone and listen to everything you are saying. They can hear and record your private calls and know confidential things.2. Read and send messages
Everyone receives numerous messages. Some messages are highly classified, and you should not share them with anyone. However, with the help of StrandHogg, hackers can easily read all your messages from your phone and can also send messages to whoever they want without your consent.3. Take photos
The hackers can take permission to access your photos and files and use them how they like. They can also use your camera to take photos or record videos from it.4. Login credentials
They quickly know your passwords, account name, and personal questions to access your social media account and hack them. They can also access your bank details, work details, and other private information just by knowing your login credentials.5. Get location from GPS
With the help of GPS, they can track you down and spy on you. They will know your every movement.6. Access contact list
The hacker can easily access your call logs or contact list and use it for their purpose.StrandHogg Vulnerability: What to do?
Google has already taken a step to control and address StrandHogg Vulnerability and has removed all the potential harmful apps from Google Play. They have also updated their security that detects and blocks malicious apps. They have also formed a separate research team, who continuously investigate in StrandHogg Vulnerability to improve and protect Google Play from further harm. However, Security researcher Sean Wright states that the threat is pretty significant, and it is actively exploited. So, it is challenging to distinguish that something is wrong with a particular app.
Conclusion
However, for now, Google has successfully removed all the malicious apps, but in the future,those similar apps may reappear because StrandHogg Vulnerability is not entirely fixed. Therefore, it is better to be very cautious before installing any app and giving it any kind of permission to access your phone. You can also read reviews or do a web search about the app you want to install. At last, always install or update your apps through Google Play only.