Android Strandhogg is a Norwegian term referring to mistreatment by Vikings; now, it is a malware term. It was back in 2017 when the malware was first seen as an exploit in Android’s multitasking system. The malware allows malicious apps to masquerade as virtually any other Apps present on the targeted device. The base of the vulnerability is on the taskAffinity Android control setting, which enables any apps to freely assume any identity in the multitasking system that is targeted. Four years ago, it was suspected to be prone to abuse, and now it has been spotted in the wild after Google had waived it off at the time. A few years later, it resulted in several customers of Czechia bank customer accounts had suddenly lost funds.
At least 36 other malicious apps are exploiting the vulnerability, among them is a variant of the widespread trojan BankBot. As seen on the examined suspected malware samples, Strandhogg affects all recent releases of Google’s mobile OS. It includes the earlier version of Android 10, both rooted and unrooted devices. Hackers can virtually do anything on the hacked system. It can be from accessing your SMS, steal your private photos, hijack your social media accounts, and victims can be redirected to malicious that will ask permission to the user granting cybercriminals access to their device. Just a tap on an app icon for the malicious code to execute through a feature in Android called task reparenting.
Google has recently found in its Transport Layer Security (TLS) update most of its apps in its Google Play Store are encrypting 90% of information by default. And, most of the apps are targeting android 9’s functionality ability and encrypting traffic.
How do I, as an Android user, can prevent this?
- Firmware updates should be at the latest flavor.
- Download ONLY from a legit website like Google Play Store.
- Developers should build security at the design stage.
- Integrate a built-in AntiVirus to identify and serve as an anti-malware.
- Harden your App runtime with App shielding.
- Use Crypto-based strong customer authentication.
- Check your bank online history to check your current and previous transactions.
- App launch output should raise a concern if you suspect a different prompt display.