News by Xiaomi Miui Hellas

Caution: A new vulnerability in Android (Strandhogg 2.0) allows malware to steal user data

Security researchers have found a major new vulnerability that exists in almost every version of Android.


This vulnerability allows malware to mimic legitimate applications in order to steal passwords and other sensitive data.

The vulnerability, named Strandhogg 2.0 (after the Norse term for a hostile takeover), affects all devices running Android 9.0 and older.

It is the "evil twin" of an earlier vulnerability of the same name, according to Norwegian security company Promon, which discovered both vulnerabilities six months apart. Strandhogg 2.0 works by tricking the victim into thinking they are entering passwords into a legitimate application while malware runs underneath. Strandhogg 2.0 can also abuse other applications' permissions to access sensitive user data such as contacts and photos, and to track the victim's location in real time.

This vulnerability is said to be more dangerous than its predecessor because it is "almost undetectable," said Tom Lysemose Hansen, founder and head of the technology team at Promon.

The good news, according to Promon, is that there is no evidence that hackers have used this vulnerability in active hacking campaigns, but the company warns that there are no "good ways" to detect an attack. Because the vulnerability could become known to hacker groups, Promon delayed releasing details of how it works until Google was able to fix the vulnerability, which is rated "critical".

A Google spokesman told TechCrunch that the company also did not see any evidence of active exploitation by hackers. "We appreciate the work of the researchers and we have already solved the problem that was identified."

The Google spokesman said that Google Play Protect, a screening service integrated in all Android devices, blocks applications that exploit the Strandhogg 2.0 vulnerability.

Strandhogg 2.0 works by abusing Android's multitasking system, which keeps tabs on each recently opened application so that the user can quickly switch between open applications.

If someone downloads a malicious application, disguised as a regular application, that can exploit the Strandhogg 2.0 vulnerability, then once it is installed and the victim launches a legitimate application, the malware quickly hijacks that application and inserts malicious content in its place, such as a fake login window.

As soon as the victim enters a password in this fake window, it is sent to the hacker's servers.

Strandhogg 2.0 does not require Android permissions to run, but it can also abuse the permissions of other applications that have access to the victim's contacts, photos, and messages by triggering a permission request.

"If the permission is granted, then the malware has this dangerous permission at its disposal," said Hansen.

Once this permission is granted, the malicious application can upload data from the user's phone. The malware can upload entire text message conversations, Hansen said, allowing hackers to bypass even two-factor authentication (2FA) protection.

The risk to users is probably low, but not zero. Promon said that installing the latest security updates on Android devices is required to fix this vulnerability, and users are advised to update their Android devices as soon as possible.
