The Union Home Ministry recently sent an alert to all States warning them that the Android operating system is vulnerable to a bug named StrandHogg.
More about the news:
- Malicious apps exploiting the vulnerability did not come directly through Google Play Store.
- Instead they were installed through dropper apps distributed on Google Play.
- Dropper apps either have or pretend to have the functionality of popular apps so that they can bypass Google Play Protect.
How StrandHogg works:
- When a user launches an app, an attacker can condition the system to display to the user a spoofed User Interface (UI) under the attacker's control instead of the real UI from the original app, without the user’s awareness.
- This makes all apps on the user’s device vulnerable, including the privileged system apps.
- It can allow the attacker to listen through the microphone, steal login credentials, take photos using the camera, read SMS messages and even access photos.
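
The spoofed-UI behaviour described above relies on Android's task affinity feature, and a commonly recommended app-side hardening step is to declare an empty `android:taskAffinity`. The following is an added example, not part of the alert or the original page: a small audit of a decoded `AndroidManifest.xml` that lists the activities still carrying a non-empty task affinity. The manifest, package name and function name are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Attribute names in the manifest live in the Android XML namespace.
A = "{http://schemas.android.com/apk/res/android}"

# Constructed sample manifest (decoded text form), not taken from any real app.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.bank">
  <application android:label="Bank">
    <activity android:name=".LoginActivity" android:exported="true"/>
    <activity android:name=".PinActivity" android:taskAffinity=""/>
    <activity android:name=".HelpActivity"
              android:taskAffinity="com.example.bank.help"/>
  </application>
</manifest>
"""


def audit_task_affinity(manifest_xml):
    """Return (activity, effective_affinity) for each activity whose task
    affinity is non-empty, i.e. the hardening has not been applied to it."""
    root = ET.fromstring(manifest_xml)
    package = root.get("package", "")
    app = root.find("application")
    if app is None:
        return []
    # An activity without its own attribute inherits the <application> value;
    # when neither is set, the affinity defaults to the package name.
    app_affinity = app.get(A + "taskAffinity", package)
    findings = []
    for act in app.findall("activity"):
        affinity = act.get(A + "taskAffinity", app_affinity)
        if affinity != "":
            name = act.get(A + "name", "?")
            if name.startswith("."):
                name = package + name  # expand the shorthand class name
            findings.append((name, affinity))
    return findings


if __name__ == "__main__":
    for name, affinity in audit_task_affinity(SAMPLE_MANIFEST):
        print(f"{name}: taskAffinity={affinity!r} (not hardened)")
```

Setting `android:taskAffinity=""` on the `<application>` element covers every activity that does not override it, which is why the audit resolves the inherited value before reporting.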