STRANDHOGG BUG
■ StrandHogg (cyber security): an Android vulnerability that allows malicious applications to pose as legitimate apps and access user data of all kinds. Promon, a Norwegian firm specialising in in-app protection, found proof of this dangerous Android vulnerability, which they call 'StrandHogg'.
■ BUG: A bug is a general term used to describe any unexpected problem with hardware or software.
● A "bug" is an error or defect in software or hardware that causes a program to malfunction.
● The vulnerability allows sophisticated malware attacks without the need for the Android device to be rooted.
● Attackers exploit an Android control setting called 'taskAffinity', which enables any app to freely assume any identity in Android's multitasking system.
■ HOW STRANDHOGG WORKS: A malicious app installed on an Android smartphone can exploit the StrandHogg bug to trigger malicious code when the user starts another app, via a feature called "task reparenting."
● Basically, a user taps on a legitimate app, but executes code from a malicious one. As can be seen from the example images below, tapping a legitimate app's icon triggers code executed by the malicious app: code which can ask for intrusive permissions or show phishing pages.
■ DROPPER APPS: Dropper apps are those that either have or pretend to have the functionality of popular apps, but they also install additional apps to a device that can be malicious or steal data.
■ WHAT ARE THE SAFE STEPS?
Currently, there is no effective block or even detection method against StrandHogg on the device itself. However, as a user, you should be alert to the following discrepancies in your device:
• An app or service that you're already logged into is asking for a login.
• Permission popups that do not contain an app name.
• Permissions asked from an app that shouldn't require or need the permissions it asks for. For example, a calculator app asking for GPS permission.
• Typos and mistakes in the user interface.
• Buttons and links in the user interface that do nothing when clicked on.
• The back button does not work as expected.