There’s a new Android vulnerability which has the best disguise of posing as legitimate apps. Security researchers from Promon have discovered the ‘Strandhogg’ vulnerability which has affected all Android versions including the latest Android 10.
Promon in its blog post says that the Strandhogg vulnerability has kept all top 500 popular apps at risk with 36 malicious apps already identified. Hackers also don’t require root access to exploit this vulnerability in Android devices. Once hackers have access to these affected devices they can potentially get every data and more remotely.
The list of possible things hackers can have access to as noted by Promon researchers include listening to the user’s conversations and even recording them, read and send messages, take photos, phish login credentials, access photos and files. Hackers can even get location information, access the phone contacts and call logs as well.
Promon further explains how the malicious app poses as a legitimate one and seeks permissions from the user which are usually accepted. Most app permissions include SMS, camera, microphone and GPS which in turn gives access to hackers to the user’s device. This Android vulnerability can even access sensitive information when users login within this malicious interface.
According to Promon, this malware sample made its way through dropper apps or hostile downloaders in Google Play Store which are usually missed. A recent example of this is the CamScanner app which contained a malicious module through a “Trojan Dropper”. The app was even removed from Google Play.
Promon informed Google about this Android vulnerability earlier this summer. Google has removed the malicious apps but Promon says the vulnerability hasn’t been fixed as yet.
Pingback: british dragon gear reviews
Pingback: 안전카지노
Pingback: keto
Pingback: Legal CBD Oil
Pingback: fake Wrist Watch Brands
Pingback: nu golf thu xinh dep
Pingback: 메이저놀이터
Pingback: click here
Pingback: eatverts
Pingback: freetress wigs
Pingback: what is bitcoin loophole
Pingback: blazing trader
Pingback: Intelligent automation
Pingback: silicone adult dolls
Pingback: sexual selection and the origins of human mating systems
Pingback: roofing contractor Youngstown
Pingback: Urban Nido
Pingback: slot online sultan play
Pingback: realtor
Pingback: pic 5678
Pingback: กล่องอาหาร
Pingback: 강남셔츠룸
Pingback: website oficial do happymod.net.br aqui
Pingback: demande de crédit personnel
Pingback: source
Pingback: asian dating sites
Pingback: voir ce site
Pingback: is marijuana legal in florida
Pingback: mma crystal lake,
Pingback: oregon mushroom dispensary
Pingback: NKSFB David T Bolno
Pingback: Blue Punisher MDMA online Munich
Pingback: incalzire industriala
Pingback: ราคาบอลวันนี้
Pingback: บอลยูโร 2024