Android vulnerable to ‘StrandHogg’ malwareDate: 16 December 2019 Tags: IT, Mobile & Computers
The Union Home Ministry has sent an alert to all States warning them about the vulnerability of the Android operating system to a bug called ‘StrandHogg’ that allows real-time malware applications to pose as genuine applications and access user data of all kind.
While all versions of Android, including Android 10, are vulnerable to this bug, it may not be apparent to the affected users that malware applications are already on board their device.
These malware can then potentially listen to their conversations, access photo album, read/send messages, make calls, record conversations and get login credentials to various accounts.
his apart, things that such malware can access include private images, files, contact details, call logs, and location information.
At least 500 popular apps are at risk because of this malware that hackers can deploy to attack mobile phone users.
It can activate the microphone, allowing a hacker in a remote location to listen to live conversations. The camera can also be switched on to capture visuals.
Signs of attack
Pop-ups asking for permission to send notifications, messages etc., are one of the main entry points for ‘StrandHogg’ to launch the attack.
An app in which the user is already logged in asking him/her to login again is another anomaly pointing to the possibilities of a cyberattack.
Once users approve such requests, the malware would instantly access the mobile phone or tablet for specific purposes.
Links and buttons that become non-functional, apps asking for permissions that are not required are among the other warning signs.
Malware is any software intentionally designed to cause damage to a computer, server, client, or computer network. A wide variety of types of malware exist, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, and scareware.