Why in news?
The Union Home Ministry has sent an alert to all States warning them about a vulnerability in the Android operating system that allows malware applications to pose as legitimate apps and access user data of all kinds.
What is StrandHogg?
Cybercriminals have found an under-investigated vulnerability to breach Android devices. It is called StrandHogg, and it can allow them to listen through the microphone, steal login credentials, take photos using the camera, read SMS messages and even access photos.
First reported by Norway-based cybersecurity firm Promon and later confirmed by its partner firm Lookout early this month, the vulnerability has now caught the eye of the cybersecurity wing of the Ministry of Home Affairs.
How does it attack Android's multi-tasking vulnerability?
According to research by Penn State University in 2015, which theoretically described some aspects of the weakness, the Android task management mechanism was plagued by 'severe security risks'.
When a user launches an app, an attacker can condition the system to display a spoofed User Interface (UI) under the attacker’s control instead of the real UI from the original app, without the user’s awareness. All apps on the user’s device are vulnerable, including the privileged system apps.
How can you be safe from this attack?
Currently, there is no effective block or even detection method against StrandHogg on the device itself. However, as a user, you should be alert to the following discrepancies on your device:
- An app or service that you’re already logged into is asking for a login.
- Permission popups that do not contain an app name.
- Permissions requested by an app that shouldn’t require or need them. For example, a calculator app asking for GPS permission.
- Typos and mistakes in the user interface.
- Buttons and links in the user interface that do nothing when clicked on.
- The back button does not work as expected.