The StrandHogg vulnerability

3716

Wednesday, 04 December, 2019, 22:05

Promon security researchers have found proof of a dangerous Android vulnerability, dubbed ‘StrandHogg’, that allows real-life malware to pose as legitimate apps, with users unaware they are being targeted. Lookout, a partner of Promon, confirmed that they have identified 36 malicious apps exploiting the vulnerability. Among them were variants of the BankBot banking trojan observed as early as 2017. *During testing, Promon researchers found that all of the 500 most popular apps (as ranked by app intelligence company 42 Matters) are vulnerable to StrandHogg. *All versions of Android affected, incl. Android 10 (note: the permission harvesting exploit is only from Android 6.0 and onwards).
BankBot: one of the most widespread banking trojans around, with dozens of variants and close relatives springing up all the time. BankBot attacks have been detected all over the world, in the U.S., Latin America, Europe and the Asia Pacific region.

ARTSAKH NEWS

The StrandHogg vulnerability

Read Also

How many potentially hazardous asteroids approach Earth?

Granite sliding on granite: friction, wear rates, surface topography, and the scale-dependence of rate–state effects

Ancient alphabets, new insights: Researchers uncover hidden links among the letters

Archaeologists have discovered an ancient Roman bridge in Zaragoza. (photo)

What Archaeologists Found While Searching for a Buried Second Sphinx in Egypt

Astronauts arrive at launch pad for first crewed mission around Moon in more than 50 years (video)

NASA set for first crewed moon return in over half a century (video)

The Last Bastion of the Hominins: Deciphering the 40,000-Year Sealed Silence of Gibraltar (photo, video)