The StrandHogg vulnerability
Wednesday, 04 December, 2019, 22:05
Promon security researchers have found proof of a dangerous Android vulnerability, dubbed ‘StrandHogg’, that allows real-life malware to pose as legitimate apps, with users unaware they are being targeted. Lookout, a partner of Promon, confirmed that they have identified 36 malicious apps exploiting the vulnerability. Among them were variants of the BankBot banking trojan observed as early as 2017. *During testing, Promon researchers found that all of the 500 most popular apps (as ranked by app intelligence company 42 Matters) are vulnerable to StrandHogg. *All versions of Android affected, incl. Android 10 (note: the permission harvesting exploit is only from Android 6.0 and onwards).
The Microsoft Surface Pro 8 could be solar powered24415.01.2020, 23:35
WhatsApp will stop working on millions of smartphones worldwide in 202076910.12.2019, 19:10
The StrandHogg vulnerability53804.12.2019, 22:05
A new Facebook News tab is starting to roll out in the United States102226.10.2019, 13:25