A new vulnerability discovered by Promon named StrandHogg has been actively attacking Android devices. The bad thing is, it has capability to attack both rooted and un-rooted devices.
This vulnerability is so dangerous that even knowledgeable users can be tricked to submit their credentials, which will then be stolen and used for malicious purposes. “StrandHogg is unique because it enables sophisticated attacks without the need for a device privilege escalation (rooting), The vulnerability allows hackers to exploit a weakness in the multitasking system of Android to enact powerful attacks that allows malicious apps to masquerade as legitimate apps on the device,” says Promon.
Securemetric, as one of the many companies, working in digital security, provided a solution named SMobileShieldX (SMSX). Quoted from its website, SMSX is a security technology that provides self-protection abilities to the mobile application. SMobileShieldX integrates directly into the mobile application to provide various kind of proactive security against a wide range of attacks such as debugging, code injection, code modification and many other technique. Our technology support both iOS and Android application. More information on SMSX can be retrieved from https://www.securemetric.com/mobile-application-security/smobileshieldx/.
Video below demonstrates how StrandHogg vulnerability works.
That’s it for today. Cheers.
Originally published at https://www.handracs.info on December 15, 2019.