A new Android bug was discovered by security researchers which lets malware disguised as legitimate applications to steal passwords and other sensitive user data, creating a major vulnerability in almost every Android version. According to Techcrunch's latest report, all devices running Android 9.0 and earlier versions are vulnerable to the new Android bug called "Strandhogg 2.0", named after a term of Norse for a hostile takeover.
Also Read: [BREAKING] Tinder Date Stabbed to Death By Utah Man; Conversations on App Rise During The Pandemic
I honestly have no idea why they named CVE-2020-0096 as Strandhogg 2.0. There's nothing in common between the two.
Strandhogg 1 - a task hijacking issue known since 2015
Strandhogg 2 - an actual elevation of privilegehttps://t.co/smsA2m3hSo pic.twitter.com/f1jPb4RnXA — Catalin Cimpanu (@campuscodi) May 26, 2020
Promon, a Norwegian security firm, stated that Strandhogg 2.0 is the "evil twin" of the earlier bug which has the same name, discovered six months earlier, which can also cause the same vulnerabilities. The newly discovered Android bug works by tricking Android users by allowing malware to pose as real apps, making the victim think that they are entering their passwords in a legitimate app while instead with a malicious overlay.
Also Read: Coronavirus Malware: COVID-19-Themed Malware Can Disguise as Miscrosoft Excel Spreadsheets
Other apps permissions can also be hijacked by Strandhogg 2.0, siphoning off sensitive user data such as photos and contacts. The real-time location of the victim can be tracked by the new Android bug, adding to the major vulnerabilities it can create.
New Android bug disguises malware as real apps to steal user data: Strandhogg 2.0 creates major vulnerability to Android devices
Tom Lysemose Hansen, founder and chief technology officer at Promon, claimed that the new android bug is more dangerous compared to its predecessor since it is nearly undetectable. However, he stated that there is no evidence yet showing that cyber attackers have used Strandhogg 2.0 in any active hacking campaigns. But, it is still not safe since there are no good ways to detect if a malicious attack is already taking place using the new Android bug.
The company which discovered Strandhogg 2.0 delayed releasing details of the bug until Google could fix the critical-rated vulnerability since Promon still considers that many hackers could use it. Android's multitasking system, which allows users to quickly switch back and forth by keeping tabs on every recently opened app, can be abused by the Android bug.
When the victim installs a malicious app disguised as a normal app, Strandhogg 2.0 can be unknowingly downloaded. A fake login window will be visible once the victim opens the malicious app that will quickly hijack the Android device. Once the victim starts to type their passwords on the fake overlay, the hacker can siphon off their sensitive information to the cyber attacker's server. The malicious act will appear as a real login, making the process undetectable.