Major security flaw on Android puts bank data and passwords at risk
Named StrandHogg, this security breach presents itself as very dangerous.
Indeed, it would seem that malware can recover some very important data on mobiles running the Android system. This security flaw, as mentioned in the title but very easily allows hackers to steal bank data and passwords.
This article will also interest you: The most popular apps are the riskiest on Android
Moreover, it has been defined by computer security specialists that this flaw makes it very easy to break into the phone of the targeted people, and to have access to multimedia content stored in the phone.
Over time, if the security system designed by application publishers and operating systems are increasingly complex and difficult to maneuver. The fact remains that malware is also growing. This makes them even more dangerous than before. And that's what we're seeing on Android.
A computer security company called Promon recently discovered the security flaw that really exists on all versions of the Mountain View firm's mobile operating system, even the latest version of Android, Android 10. This vulnerability lies in the way Android manages the multitasking service. Because of this flaw, malware has the ability to overlay an application that users use, and then request certain access permissions on several features of the smartphone.
It is even possible for the malware to set up a fake web page that will push the user to inform it with their username and passwords or your banking data.
In addition, the IT security company also added that it was possible thanks to this security flaw:
- To be able to listen to the user when using the microphone of his smartphone;
- Use the camera to take pictures without the user's knowledge
- Spy on SMS messages and send them;
- Spying and/or recording user phone calls;
- Phishing login information;
- Access the camera's photo gallery and several private files;
- Get geolocation information
- Access your contact numbers
- Access your call history.
According to computer security experts, fixes were made to fill this security breach when it was discovered that it is being exploited by hackers on banking applications. More than 60 banking institutions have been targeted by the security breach, according to the cybersecurity firm. Promon's chief technology officer, Tom Hansen, has notified the BBC of his discovery of 500 apps on the Play Store being vulnerable to this security breach.
LookOut, another cybersecurity company, discovered that there were more than 36 malware programs to exploit this security vulnerability.
Google said: "We appreciate the work of the researchers and have suspended the potentially harmful applications they have identified. In addition, we continue to investigate to improve Google Play Protect's ability to protect users from similar problems," said the Mountain View company.
Now access an unlimited number of passwords: