All versions of Android are at risk and all of the top 500 most popular Android apps are vulnerable.
Hackers are actively exploiting StrandHogg, a newly revealed Android vulnerability, to steal users’ mobile banking credentials and empty their accounts, a Norwegian app security company has warned.
“StrandHogg is unique because it enables sophisticated attacks without the need for the device to be rooted. To carry out attacks, the attacker doesn’t need any special permissions on the device. The vulnerability also allows an attacker to masquerade as nearly any app in a highly believable manner,” they noted.
StrandHogg allows attackers to show to users fake login screens and ask for all types of permissions that may ultimately allow them to:
- Read and send SMS messages (including those delivering second authentication factors)
- Phish login credentials
- Make and record phone conversations
- Listen to the user through the microphone
- Take photos through the device’s camera
- Get access to photos, files on the device, location and GPS information,the contacts list, phone logs, etc.