Once again, cyber security awareness program experts have detected a threat on Android devices, one that can be carried out through banking applications.
So be careful when using banking applications. We recommend that users uninstall them where possible, since according to the authorities the impact can be very serious.
The vulnerability was named “StrandHogg”. According to Norwegian security firm Promon, it directly affects the Android multitasking system and allows malicious applications to superimpose fake login screens over legitimate applications.
Promon detected that about 36 applications can exploit this bug and that, due to the complexity of the script, the bug could be executed in more than 500 apps from the App Store.
Promon, along with the company Lookout, found the 36 applications that exploited the bug. The bug was also exploited by the BankBot Trojan virus.
Because of this, Google Play has already removed the first 36 vulnerable apps from the Play Store, stating that the threat has been contained. The problem is still not completely resolved, however: users need to update their operating system in order to obtain the latest security patch.
Unfortunately, it was reported that the vulnerability affects the Android operating system and that the impact is the same regardless of whether the device runs version 6.0 or version 10, since the flaw depends on the permissions granted to these fake applications, according to experts from the International Institute Cyber Security.
By granting these permissions, users unknowingly allow attacks to be carried out, including: access to stored data, access to the location, sending and receiving SMS messages, making telephone calls, listening through the microphone, and activating the cameras.
It is possible that this wave of attacks on financial institutions is an attack orchestrated by hacking groups to obtain funds, because at least 60 banking applications have already been reported as vulnerable to “StrandHogg”.
Cyber security awareness course experts recommend uninstalling bank applications because this vulnerability superimposes login screens identical to the original ones, and unfortunately any user could hand over their access credentials, among other data, to third parties without noticing.
Google said it would continue investigating “to prevent such applications from being available in the Play Store.”