And the marmot greets you every day. A new Android security hole appeared on the horizon. This was discovered by the security company Promon, which it christened StrandHogg 2.0. Hackers can act particularly perfidiously.
As soon as a malware is on the smartphone, it can disguise itself as another application. The user starts a legitimate app, but gets to the malware. This prompts him on behalf of the selected app to grant her different permissions. As soon as this is done, the attackers can control pretty much all the critical systems of the smartphone and thus get login data for online banking, compromising pictures and videos or recorded calls. And that doesn’t even require root access.
According to Promon’s security experts, StrandHogg 2.0 can be used to perform the following activities:
- Spying on users via the microphone
- Take photos with the camera
- Send and receive SMS
- Make or record calls
- Copy credentials
- Get access to all private photos and files
- Get location data
- View contact list
- View phone logs
Vulnerability: is your smartphone affected?
The answer to this question is most likely “yes”. Because only smartphones with the Android 10 operating system were spared from the vulnerability. Devices with Android 9 Pie or an older version are all affected. And, according to Google’s own information, that’s just under 92 percent.
How can you protect yourself?
According to Promon, Google knows about StrandHogg 2.0. According to this, the US company wanted to release a security update this month that will eliminate the security gap. However, most users will have to wait a while for the update, because the smartphone manufacturers will first have to adapt it to their user interfaces – and this may take some time. All users can currently do is look for updates in their mobile phone settings and install them as soon as they are available. Until then, you should avoid installing apps from external sources, i.e. not from the official Google Play Store.