Promon, the Norwegian app security firm, has revealed that the discovery of a dangerous Android vulnerability called StrandHogg, which has reportedly infected all versions of Android and has put the top 500 most popular apps at risk.

Tom Lysemose Hansen, the CTO of Promon, commented:

“We have tangible proof that attackers are exploiting StrandHogg in order to steal confidential information. The potential impact of this could be unprecedented in terms of scale and the amount of damage caused because most apps are vulnerable by default and all Android versions are affected.”

Tom Lysemose Hansen

However, StrandHogg poses as any other app on the infected device and tricks users into believing that they are using a legitimate app. The vulnerability then allows malicious apps to phish users’ credentials by displaying a malicious and fake version of a login screen.

ALSO READ :  Tron’s Largest Decentralized Exchange Acquired By Poloniex

The report reads:

“When the victim inputs their login credentials within this interface, sensitive details are immediately sent to the attacker, who can then login to, and control, security-sensitive apps.”

Beside from stealing personal information like crypto wallet login credentials, StrandHogg can also reportedly listen to the user through their microphone, read and send text messages, and access all private photos and files on the device, among other nefarious exploits.

Similarly, the Promon researchers further pointed out that they have disclosed their findings to Google last summer.

Thus, while Google did remove the affected apps, it does not appear as if the vulnerability has been fixed for any version of Android.

Source: cointelegraph.com


Share This

Share This

Share this post with your friends!