Security News > 2020 > May > Android ‘StrandHogg 2.0’ flaw lets malware assume identity of any app
Researchers have publicised a critical security flaw in Android which could be used by attackers to "Assume the identity" of legitimate apps in order to carry out on-device phishing attacks.
Promon doesn't delve into the inner workings of the flaw in huge detail but malware exploiting it would be able to overlay a malicious version of any app over the real app, capturing all logins as they are entered by an oblivious user.
Promon claims the code used in the attack would be obfuscated enough that it could slip past Google Play's security layers as well as on-device security apps, making it hard to detect.
Anyone running Android versions 9.0 or earlier - the only Android version not affected by Strandhogg 2.0 is version 10, currently installed on only a small proportion of smartphones.
If your Android smartphone is made by a third party, patches for Android 8 and 9 could turn up any time from now to several months down the line.
News URL
Related news
- New FireScam Android malware poses as RuStore app to steal data (source)
- New FireScam Android data-theft malware poses as Telegram Premium app (source)
- FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices (source)
- DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection (source)
- Crypto-stealing iOS, Android malware found on App Store, Google Play (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)
- Vo1d malware botnet grows to 1.6 million Android TVs worldwide (source)