Security News > 2020 > May > Android ‘StrandHogg 2.0’ flaw lets malware assume identity of any app
Researchers have publicised a critical security flaw in Android which could be used by attackers to "Assume the identity" of legitimate apps in order to carry out on-device phishing attacks.
Promon doesn't delve into the inner workings of the flaw in huge detail but malware exploiting it would be able to overlay a malicious version of any app over the real app, capturing all logins as they are entered by an oblivious user.
Promon claims the code used in the attack would be obfuscated enough that it could slip past Google Play's security layers as well as on-device security apps, making it hard to detect.
Anyone running Android versions 9.0 or earlier - the only Android version not affected by Strandhogg 2.0 is version 10, currently installed on only a small proportion of smartphones.
If your Android smartphone is made by a third party, patches for Android 8 and 9 could turn up any time from now to several months down the line.
News URL
Related news
- Android malware uses NFC to steal money at ATMs (source)
- New NGate Android malware uses NFC chip to steal credit card data (source)
- Cybercriminals Deploy New Malware to Steal Data via Android’s Near Field Communication (NFC) (source)
- New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards (source)
- SpyAgent Android malware steals your crypto recovery phrases from images (source)
- New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys (source)
- Beware: New Vo1d Malware Infects 1.3 Million Android-based TV Boxes Worldwide (source)
- New Android Malware 'Ajina.Banker' Steals Financial Data and Bypasses 2FA via Telegram (source)
- New Vo1d malware infects 1.3 million Android TV streaming boxes (source)
- New Vo1d malware infects 1.3 million Android streaming boxes (source)