Android threats continue to hit users, and recently, security researchers revealed a newly discovered Android vulnerability called ‘StrandHogg.’ It allows malware to act as a legit app to attack Android users, which is Google’s operating system. This treacherous Android vulnerability could give hackers access to your private photos and SMS and steal your login credentials, monitor your movements, spy using your phone’s camera, and even record your phone’s conversations, reveals Promon, a Norwegian security company.

The security researchers at Promon made an investigation into real-life malware that takes advantage of the serious flaw. They discovered that all of the top 500 most popular apps are at risk, and all versions of Android are affected, including the latest Android 10. The team first identified StrandHogg after being alerted by a partner security company that some banks in the Czech Republic had reported disappearing money from customers’ accounts.

Google Android
Google might be working on an Android TV dongle. REUTERS/Dado Ruvic

Lookout, one of the partners or Promon, confirmed that it has identified 36 malicious apps exploiting the StrandHogg vulnerability. This includes the Bankbot, a popular banking trojan, which has been in action since 2017. Promon CTO Tom Lysemose Hans shared that if this vulnerability is left unaddressed, Strandhogg could have an unprecedented impact in scale and amount of damage considering most apps by default are vulnerable, and all versions of Android are affected.

Researchers classify StrandHogg as unique since it allows attacks even on unrooted devices. It orchestrates its evil by utilizing a weakness in the multitasking system of Android to execute attacks that allow malicious apps to hide in plain sight by posing as legit apps. The bad app can ask for permission from the user, including photos, microphones, GPS, text, and more.

Fortunately, Google is doing something to address this scary issue, according to BBC. The search engine giant has reportedly taken steps to address the vulnerability and has already suspended the apps found to be affected. In an email sent to Forbes, Google said:

We appreciate the researchers’ work and have suspended the potentially harmful apps they identified. Google Play Protect detects and blocks malicious apps, including ones using this technique.

Additionally, we’re continuing to investigate in order to improve Google Play Protect’s ability to protect users against similar issues.