What is ‘StrandHogg’ vulnerability in android devices?
Published: December 30, 2019
A firm specialized in App Protection named Promon AS located in the Scandinavian country Norway has discovered a dangerous vulnerability on Android devices. A research conducted by its team of three experts has disclosed that the vulnerability allows real-life malware or the virus to pose as a legitimate app or cloned app in the android device of the target person without the need for the android operating system to root the device. The researches have named the vulnerability as ‘StrandHogg’. According to the researchers:
StrandHogg can impact: All versions of Android devices available in the global market, including the latest version Android Q, all 500 most downloaded apps are at risk, a total of 36 malicious apps have been detected to been exploited by attackers through the vulnerability.
The following can be exploited by the attackers through StrandHogg vulnerability without the permission or knowledge of the owner of the android device: listen conversations by using the Microphone, can read and send SMS, access to contact list, take photos through the camera, get access to the storage section-photos, videos and documents and will also be able to access the phone log and get the GPS location of the user.
Promon AS is registered as a Limited Company in Norway was founded in 2006, with head office located in the Norwegian capital, Oslo has expanded its offices across Europe in Germany and UK and in parts of Asia, in India as well. Promon AS develops solutions based on App protection in android devices by focusing on Runtime Application Self Protection (RASP).
Why in News?
The Ministry of Home Affairs earlier in the month of December 2019, has issued an alert notice to all states warning them about the vulnerability in Android devices.