StrandHogg Android VulnerabilityIMalwareIExploitIStrandhogg Protection Tips For Your Phone[Hindi]
Articles Blog

StrandHogg Android VulnerabilityIMalwareIExploitIStrandhogg Protection Tips For Your Phone[Hindi]

January 5, 2020


A new Android vulnerability that allows malware
apps to masquerade as legitimate apps, ask for permissions, and then perform all kinds
of actions you probably wouldn’t want. For example, one of these apps could read
and scan your messages, take photos using your camera, or even phish your logins by
giving you bogus sign-in screens instead of the real deal. All Android versions, even a fully updated
Android device and doesn’t require root access to work.In this video I will explain
about this vulnerability, How can I tell if an app is trying to scam me using StrandHogg? How do I get rid of StrandHogg-exploiting
apps?How to protect your phone from this.Don’t forget to take these steps to safeguard your
privacy and data. Let’s start the video:
The vulnerability explained StrandHogg, unique because it enables sophisticated
attacks without the need for a device to be rooted, uses a weakness in the multitasking
system of Android to enact powerful attacks that allows malicious apps to masquerade as
any other app on the device. This exploit is based on an Android control
setting called ‘taskAffinity’ which allows any app – including malicious ones – to
freely assume any identity in the multitasking system they desire. Promon has conducted research of real-life
malware that exploits this serious flaw and found all of the top 500 most popular apps
are at risk, with all versions of Android affected. Demonstrative of the scale of Google Play’s
issue with dropper apps, researchers recently reported that the malicious CamScanner app,
a PDF creator which contains a malicious module, has been downloaded more than 100 million
times. Dropper apps / hostile downloaders: These
are apps that either have or pretend to have the functionality of popular apps, such as
games and utilities, but they also install additional apps to a device that can be malicious,
or steal your data. The vulnerability makes it possible for a
malicious app to ask for permissions while pretending to be the legitimate app. An attacker can ask for access to any permission,
including SMS, photos, microphone, and GPS, allowing them to read messages, view photos,
eavesdrop, and track the victim’s movements. The attack can be designed to request permissions
which would be natural for different targeted apps to request, in turn lowering suspicion
from victims. Users are unaware that they are giving permission
to the hacker and not the authentic app they believe they are using. By exploiting this vulnerability, a malicious
app installed on the device can attack the device and trick it so that when the app icon
of a legitimate app is clicked, a malicious version is instead displayed on the user’s
screen. When the victim inputs their login credentials
within this interface, sensitive details are immediately sent to the attacker, who can
then login to, and control, security-sensitive apps. How can I tell if an app is trying to scam
me using StrandHogg? As much as I hate to say it, common sense
is your best guide. If something feels strange with an app you’re
using, even if that app is one that you know is legitimate, you should be skeptical. Maybe don’t input your login and password
(or payment information) if asked—and don’t give an app extra permissions if it asks for
them out of the blue. Promon’s other tips for telling if an app
is exploiting StrandHogg include: • An app or service that you’re already
logged into is asking for a login. • Permission popups that does not contain
an app name. • Permissions asked from an app that shouldn’t
require or need the permissions it asks for. For example, a calculator app asking for GPS
permission. • Typos and mistakes in the user interface. • Buttons and links in the user interface
that does nothing when clicked on. • Back button does not work like expected. As always, you can keep yourself safer—not
fully protected, but safer—by sticking to recommended apps on the Google Play Store. If an app seems suspicious in name, description,
or awkwardness of reviews, do a little extra research to vet it before you slap it on your
device. And resist the urge to sideload apps outside
of the Google Play Store; you never know what you’re installing on your device, and you
lose any potential protections Google can provide. And once a “dropper” app gets on your
device, installing something that can then masquerade as a real app
is all too easy. How do I get rid of StrandHogg-exploiting
apps? If you think you’re stuck with an app that’s
exploiting StrandHogg, you can always factory-reset your device. Set it up as a brand-new device, rather than
restoring from a backup, and you’ll be back to square one. Don,t forget to take these steps to save your
phone. Thanks for watching.

Only registered users can comment.

Leave a Reply

Your email address will not be published. Required fields are marked *