Tuesday

Govt Of India Warns Against This Android Virus Which Is Stealing Internet Banking User-Id, Password: How To Stay Safe?


Every day, we hear about new incidents of online hacking or invasion of privacy. The truth is that, as technology advances, hackers and their techniques are getting more and more sophisticated.

Just a couple of days back, we informed you about an extremely futile hacking technique called ‘juice jacking’, which security experts have widely discussed and warned about.

In short, every device you hold or are surrounded by today is a potential way for hackers to reach the personal details of your life and security. All we can do is be more careful and understand the different ways in which these devices can be used against us.

Extremely Vulnerable Bug Affecting Android

Cybercriminals have recently found an under-investigated vulnerability that lets them breach Android devices. It is called StrandHogg, and it can allow these hackers to listen to your conversations.

The bug was initially reported by Norway-based cybersecurity firm Promon. Its ill effects and the extreme exposure it creates for Android devices have now caught the attention of the cybersecurity wing of the Ministry of Home Affairs.

The Threat Analytical Unit of the Indian Cyber Crime Coordination Centre, Union Home Ministry, has sent an alert to all States warning them that the Android operating system is vulnerable to a bug called ‘StrandHogg’, which allows real-time malware applications to pose as genuine applications and access user data of all kinds.

Promon believes that there is plenty of tangible proof
that attackers are exploiting StrandHogg in order to steal confidential
information. The effect of this bug was first brought to Promon’s
notice when several banks in the Czech Republic had reported money
disappearing from customer accounts. 

StrandHogg and Why is It Targeting Android?

All versions of Android, including Android 10, have turned out to be vulnerable to this bug, and the user may not even be aware of the malware applications already on their device.

This malware can potentially listen to the user's conversations, access the photo album, read and send messages, make calls, record conversations and get login credentials for various accounts.

The main issue here is that the Android OS allows multitasking. This bug exploits the Android control settings called taskAffinity and taskReparenting, which allow apps, including malicious ones, to freely assume the identity of another task in the multitasking system.

This permits the malicious activity to hijack the target’s task, which means that the next time the user opens the targeted app, the hijacked task will open up instead of the original task.

What are the Warning Signals?

While this interception takes place, the user would receive pop-ups requesting permission to send notifications, messages, etc. If the user grants these permissions, the malicious app gains access to these components. This is one of the main entry points for ‘StrandHogg’ to launch the attack.

An app in which the user is already logged in asking him/her to log in again is another anomaly pointing to a possible cyberattack, so be very careful and attentive about it. The malware can activate the microphone, allowing a hacker in a remote location to listen to live conversations. The camera can also be switched on to capture visuals.

Links and buttons that become non-functional and apps asking for permissions that are not required are among the other warning signs. The Ministry also sent the States a detailed list of the hackers' modus operandi and the latest trends in cyberattacks so that they can take appropriate action.

Promon found that the malicious apps exploiting the vulnerability did not come directly through the Google Play Store. They were installed through ‘dropper apps’ distributed on Google Play. These dropper apps either have or pretend to have the functionality of popular apps so that they can bypass Google Play Protect.

The information was shared by the Threat Analytical
Unit, Indian Cyber Crime Coordination Centre, Ministry of Home Affairs. It
revealed that at least 500 popular apps are at risk because of this malware
that hackers can deploy to attack mobile phone users.
