this critical flaw allows to spy on all Android devices

Strandhogg 2.0 threatens a large number of Android devices. This critical security flaw allows, if properly exploited, to spy on all the content of an Android device. In addition, it offers the possibility for a malicious application to impersonate one of your applications.

strandhogg deux faille android - this critical flaw allows to spy on all Android devices
Strandhogg logo: Promon
Background: Pixabay

The Stranhogg 1.0 security flaw was discovered in December 2019. This Android malware allowed hackers to quietly loot your bank accounts. How? 'Or' What ? By simulating connection windows of famous banking applications. The victims then entered their username and password, far from thinking that it was a trap.

This Wednesday, May 27, computer security researchers at Promon discovered a new critical Android security flaw. Baptized Strandhogg 2.0 (in homage to the first malware), this vulnerability resumes and greatly improves the attack method. If Strandhogg 1.0 succeeds in reproducing login windows, Strandhogg 2.0 can pretending to be a legitimate application and already present on your smartphone.

The malware is indeed based on a flaw in the administrator privileges. Thanks to this vulnerability and to Strandhogg 2.0, a hacker can take control of your applications and replace them with a perfect copy. Then remains to bombard the user with a avalanche of various authorizations : access to microphone, photo and video files, messages, internal memory or GPS.

Also read: Windows, macOS – the worst security holes exploit your USB ports!

The ultimate malware-spy

The goal is here to spy on the victim to get as much information as possible. This flaw is extremely dangerous for several reasons:

  • It is undetectable for users
  • It allows you to hijack the interface of any application installed on a target device without requiring physical and root access
  • It allows to obtain a large amount of access authorizations
  • All versions of Android are affected, except Android 10

There are, however, several clues that can put your ear to the chip. You must be careful when an application to which you have already connected asks you to connect again. Suspicious authorization requests, new, or unwarranted from one of your applications are also warning signs. Unexpected bugs on the interface and commands of an app should also warn you.

This flaw was notified to Google more than five months ago and the web giant released a patch in April 2020 for Pixels. And as you know, it remains for other manufacturers to deploy these updates on their own devices. And in the game of security updates, some smartphones are better off than others …

Also: Bluetooth – New security hole threatens millions of devices

Source: Promon

Categories Tech

Leave a Comment