StrandHogg: hack Android phone remotely

StrandHogg android
StrandHogg android

The cybersecurity experts of Promon revealed the existence of the Android StrandHogg flaw. This vulnerability allows a malicious application to'exploit the multitasking management in Android. This bug affects all Android versions. And apparently he allows you to recover most of the data from a smartphone.

Dozens of malicious mobile apps are already exploiting this flaw to loot the contents of your bank account and other login information.

With StrandHogg, hackers can easily:

  • read your messages and SMS
  • recover your photos and videos
  • retrieve identifiers, hack your facebook account
  • take photos
  • locate you
  • monitor your phone conversations
  • recover your contact list

How does the StrandHogg attack work?

To put it simply, when you launch an application on your mobile, the malware automatically takes over and “disguise” yourself so you feel like you're still in the legitimate app. Then the malware asks you for access permissions to certain smartphone functions.

Malware can also display a fake login page asking the victim to enter his username and password in order to recover this precious data as shown in the video demonstration.

In this example, the attacker misled the system and launched the impersonation user interface.

When the victim enters their login information into this interface, confidential information is immediately sent to the attacker.

Unsurprisingly, this information is then used to break into your account or resold on the black markets of the darknet.

Corn how did this malware end up on these smartphones? Well quite simply via the Google Play Store which until very recently offered 36 applications infected with this malware.

How can you protect yourself from StrandHogg malware?

Sadly, no patch is currently available. Warned of the problem, Google reacted; “We appreciate the work of the researchers and we have removed potentially harmful applications. In addition, we continue to investigate in order to improve the ability of Google Play Protect to protect users from similar issues ”.

However, at present, still, it would still be possible to exploit this flaw, and this, on all versions of Android, until the last.