A new vulnerability has been found in Android OS. Researchers at Norwegian security firm Promon have discovered this vulnerability. It can be exploited to steal login credentials, access messages, track location and more. The researchers are calling it StrandHogg, according to them, this vulnerability affects all versions of Android.
The researchers found the vulnerability when they were looking for apps that could steal money from one’s bank account. Chief technology officer at Promon, Tom Hansen told the BBC: “We’d never seen this behavior before. As the operating system gets more complex it’s hard to keep track of all its interactions. This looks like the kind of thing that gets lost in that complexity”.
How it works:
StrandHogg is a bug in the OS component that handles multitasking – the mechanism that allows the Android operating system to run multiple processes at once and switch between them once an app goes in or out of the users’ view (screen). This bug can be activated by a malicious app. So, when the user taps on a legitimate app, this bug executes codes from the malicious app. These codes can ask for permission or show phishing pages. The code is executed in such a way that the user thinks the permission has come from the legitimate app.
The researchers have uploaded a video on Youtube regarding the vulnerability:
Google has responded to news of the vulnerability by saying: “We appreciate the researchers’ work, and have suspended the potentially harmful apps they identified. Additionally, we’re continuing to investigate in order to improve Google Play Protect‘s ability to protect users against similar issues”.