Security News > 2020 > May > Android ‘StrandHogg 2.0’ flaw lets malware assume identity of any app
Researchers have publicised a critical security flaw in Android which could be used by attackers to "Assume the identity" of legitimate apps in order to carry out on-device phishing attacks.
Promon doesn't delve into the inner workings of the flaw in huge detail but malware exploiting it would be able to overlay a malicious version of any app over the real app, capturing all logins as they are entered by an oblivious user.
Promon claims the code used in the attack would be obfuscated enough that it could slip past Google Play's security layers as well as on-device security apps, making it hard to detect.
Anyone running Android versions 9.0 or earlier - the only Android version not affected by Strandhogg 2.0 is version 10, currently installed on only a small proportion of smartphones.
If your Android smartphone is made by a third party, patches for Android 8 and 9 could turn up any time from now to several months down the line.
News URL
Related news
- TrickMo malware steals Android PINs using fake lock screen (source)
- Russia targets Ukrainian conscripts with Windows, Android malware (source)
- Android malware "FakeCall" now reroutes bank calls to attackers (source)
- New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls (source)
- New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers (source)
- Cyber crooks push Android malware via letter (source)