StrandHogg Android Vulnerability Can Grab Wallet and Banking Information

The recently discovered vulnerability StrandHogg may give hackers access to private information stored on the phones of Android users.

StrandHogg has already been used for accessing banking data. The exploit has been documented by security company Promon and seems to affect all Android versions. Since researchers in the security field have been knowing about the StrandHogg proof-of-concept model ever since 2015, the exploit isn’t at all new.

The Dangerous StrandHogg Version Has Been on the Internet for a While

The potentially dangerous StrandHogg version has been propagating all over the internet in the past year, hidden in malware. Promon even made a page with information on it after learning how fast it spreads and how dangerous it can be. What it seems to do is interrupting the way an app flows from the moment of the launch to the one of the welcoming screen appearing. It forces the Android user to give the malware permission before letting the app run. This is what the Marketing and Communication Director at Promon, Lars Lunde Birkeland had to say about it:

“Our researchers focused on describing the vulnerability, as such, but we also collaborated with Lookout Security who contributed some parts by scanning their datasets of malware. They found 36 malicious apps that exploit the flaw. We tested the top 500 most popular apps and all of them are vulnerable.”

More than this, all Android versions, including Android 10, can be affected according to Promon.

Launched on almost any kind of phone with Android, the StrandHogg exploits and hijacks apps and sends the pop-ups that ask to have access to contacts, stored data, and location. After permission is given, the app starts running normally. Birkeland explained how it works:

“The victim clicks on the legit app but instead of being directed to the legit app the malware tricks the device to show a permission pop-up. The victim gives the malware and the attacker the permissions and then you're redirected to the legit app.”

Researchers have discovered that the Trojan program BankBot in fact used the exploit to ask for permission for intercepting messages, make calls and even lock the phone until a ransom is paid. This has raised many concerns among those who are banking with their phone or are using wallet apps. More than this, the exploit can also present a fake page for logging in with some apps on Android, yet the permissions exploit is the one more widespread.

The Vulnerability is Very Serious

Promon came across the malware when many banks from the Czech Republic started to report that their customers are having money taken from their accounts. This is what the company wrote:

“From here, through its research, Promon was able to identify the malware was being used to exploit a dangerous Android vulnerability. Lookout, a partner of Promon, also confirmed that they have identified 36 malicious apps exploiting the vulnerability. Among them were variants of the BankBot banking trojan observed as early as 2017. While Google has removed the affected apps, to the best of our knowledge, the vulnerability has not yet been fixed for any version of Android (incl. Android 10),” wrote the researchers.”

The name StrandHodd comes from an old tactic used by the Vikings to raid the coast and to kidnap people for ransom.

Get Free Email Updates!

*Action* Enter Best Email to Get Trending Crypto News & Bitcoin Market Updates

I will never give away, trade or sell your email address. You can unsubscribe at any time.

Oana Ularu
Oana Ularu
Curious about what’s going on with all the money in the world, Oana is bringing you the latest news in the crypto world. She’s aware of the fact that you need to know everything that’s happening on the financial scene in order to play the cryptocurrency market, so you can count on her to share with you every little detail on what matters.

[Alert] Use the author's self-conducted information at your own risk, do you own research, never invest more than you are willing to lose.

[Disclosure] The published news and content on BitcoinExchangeGuide should never be used or taken as financial investment advice. Understand trading cryptocurrencies is a very high-risk activity which can result in significant losses. Editorial Policy \\ Investment Disclaimer


Please enter your comment!
Please enter your name here


Live Bitcoin Price & Latest BTC Chart News

Today's Latest Crypto News

Latest Analytics Shows 64% Of Controversial Stablecoin USDt Supply Controlled by 119 Addresses

Tether’s stablecoin ‘USDT’ continues to dominate this segment of the crypto market according to the latest statistics. However, questions on its decentralization inadequacy has...

NYAG Responds To Bitfinex, Tether Calls The Case A ‘Highly Misleading Factual Presentation'

The New York Attorney General Office (NYAG) has responded to Bitfinex’s appeal to have the authority stop the ongoing investigations against them and Tether....

EU’s Upcoming AML Regulation Forces Bitcoin Payments App Bottle Pay to Shut Down

EU’s 5th anti-money laundering directive coming into effect on 10th January 2020 To not force this onto the community, Bottle Pay will cease...

Africa’s First Stablecoin is based on Nigerian Naira & Built on Binance Chain

The very first stablecoin of Africa is backed by Naira, the fiat currency of Nigeria and it will be built on Binance Chain, the...

Libra Whitepaper Gets Updated, Association Members Won't Get Paid On Reserve Asset Profits

The new whitepaper doesn’t use interest to pay early investors, which are predominantly involved in the Libra Association. The interest will still go...

BitcoinExchangeGuide is a hyper-active daily crypto news portal with care in cultivating the cryptocurrency culture with community contributors who help rewrite the bold future of blockchain finance. Subscribe on Google News, see the mission, authors, editorial links policy, investment disclaimer, privacy policy. Got News? Contact us, we are human too. Note: nothing here is financial advice, do your own research thoroughly.