Security News > 2020 > May > StrandHogg 2.0 Vulnerability Allows Hackers to Hijack Android Devices
Researchers at Norwegian app security company Promon on Tuesday disclosed the existence of a serious Android vulnerability that allows a piece of malware to hijack nearly any application installed on the victim's device.
In December 2019, Promon warned that an Android vulnerability, which it dubbed StrandHogg, was being exploited by tens of malicious Android apps to escalate privileges.
Just like the original vulnerability, StrandHogg 2.0 can be exploited to hijack apps, but the company warns that "It allows for broader attacks and is much more difficult to detect."
Promon says StrandHogg 2.0 does not affect Android 10, but the company notes that roughly 90 percent of Android devices currently run older versions of the mobile operating system.
The security firm says it's not aware of any malware exploiting the new vulnerability, but it expects hackers to leverage StrandHogg and StrandHogg 2.0 together "Because both vulnerabilities are uniquely positioned to attack devices in different ways, and doing so would ensure that the target area is as broad as possible."
News URL
Related news
- Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor (source)
- Hackers steal banking creds from iOS, Android users via PWA apps (source)
- Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs (source)
- GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware (source)