From time to time, there are reports of large-scale vulnerabilities in popular operating systems. Android is no exception. Researchers have identified a critical security vulnerability in the mobile OS, which allows malicious programs to masquerade as other applications to deceive users and steal their personal data.
Promon security experts have announced the discovery of a new malware, Stranghogg 2.0, which masquerades as other well-known applications. The main danger is that after installing the virus on the phone, it is almost impossible to detect. The vulnerability was found in all versions of Android below the tenth. Thus, billions of devices around the world are in potential danger.
Strandhogg 2.0 is able to use the multitasking mechanism, allowing you to switch between the latest running applications. Every time a person launches a new program, malware replaces the screen with the input of personal data. This is how attackers collect sensitive information. According to experts, the virus freely accesses any application – even those that are protected by two-factor authentication (2FA): the vulnerability reads incoming SMS with security codes.
According to representatives of Promon and Google, there are no recorded cases of exploitation of this breach by cybercriminals. However, experts passed all the collected information to the Android developers, so that they closed the dangerous vulnerability. Google also notes that the Play Protect system security service is already capable of recognizing programs with Strandhogg 2.0. Experts once again remind users of the need to update their devices so as not to become victims of scammers.