The cybersecurity experts of Promon revealed the existence of the fault Android StrandHogg. This vulnerability allows a malicious application to'exploit the multi-tasking management in Android. This bug affects all versions Android. And apparently he allows you to recover most of the data from a smartphone.
Dozens of malicious mobile applications are already exploiting this flaw to steal the contents of your bank account and other login information.
With StrandHogg, hackers can easily:
- read your messages and SMS
- recover your photos and videos
- retrieve identifiers, hack your facebook account
- take photos
- locate you
- monitor your phone conversations
- recover your contact list
How does the StrandHogg attack work?
To put it simply, when you launch an application on your mobile, the malware automatically takes over and “disguise” yourself so you feel like you're still in the legitimate app. Then the malware asks you for access permissions to certain smartphone functions.
Malware can also display a fake login page asking the victim to enter his username and password in order to recover this precious data as shown in the video demonstration.
In this example, the attacker misled the system and launched the spoofing user interface.
When the victim enters their login information into this interface, confidential information is immediately sent to the attacker.
Unsurprisingly, this information is then used to break into your account or resold on the black markets of the darknet.
More how did this malware end up on these smartphones? Well quite simply via the Google Play Store which until very recently offered 36 applications infected with this malware.
How can you protect yourself from StrandHogg malware?
Sadly, no patch is currently available. Warned of the problem, Google reacted; “We appreciate the work of the researchers and we have removed potentially harmful applications. In addition, we continue to investigate in order to improve the ability of Google Play Protect to protect users from similar issues ”.
However, at present, still, it would still be possible to exploit this flaw, and this, on all versions ofAndroid, until the last.