A Critical Vulnerability Called StrandHogg 2.0 Could Affect Over Two Billion Android Devices

A critical security threat was discovered at the start of May which could affect almost every Samsung Galaxy device the company sold from late 2014 onwards. It was a zero-click bug and was able to achieve 10 points on the vulnerability severity scale. Samsung patched this vulnerability in its security update for May 2020. Now researchers have discovered another Android security threat called StrandHogg 2.0.

This vulnerability exists in almost every Android version, and only Android 10 is not affected by this critical vulnerability. With that being said, it was discovered in April that Android 10 accounted for approximately 16.12 percent of users. According to Google, there at least 2.5 billion active Android devices across the globe. This means that more than 2 billion Android devices are potentially at risk.

If a hacker is able to exploit this vulnerability, they can get access to cameras, photos, login credentials, bank accounts, and messages, say the researchers who discovered it. A group of researchers at Promon, a Norwegian security company uncovered CVE-2020-0096, and they call it SyrandHogg 2.0. The researchers stated that StrandHogg 2.0 allows attackers to hack nearly any Android app, and it is much more challenging to detect this vulnerability as compared to the original StrandHogg. It uses a reflection process to hijack apps and remains hidden in the background.

According to researchers, hijackers do not need any external configuration to execute StrandHogg 2.0 and it is more complicated to detect it as compared to the previous StrandHogg vulnerability. TechCrunch first highlighted the StrandHogg 2.0 development and Google said that the company had not seen any evidence of StrandHogg 2.0 to date. Google appreciates the work of researchers who uncovered this vulnerability, and the company has also rolled out a patch for the issue they discovered.

Moreover, Google Play Protect identifies and removes malicious apps as well as those applications using this technique. Good news for users who are running Android 9 or older version, Google added a fix for CVE-2020-0096 in its Android Security update for May 2020.

According to the research director at Rapid7, Tod Beardsley, this fix is part of the core Android OS, manufacturers and service providers will have to distribute these security patches. Mobile manufacturers and service providers are usually slow at distributing security patches according to the Promon CTO and founder, Tom Lysemose Hansen, hackers could create a powerful tool by combining the original StrandHogg and StrandHogg 2.0 vulnerability. Android users need to be cautious while installing apps.

Read next: 4200+ Android Apps Responsible for Massive Data Leak
Previous Post Next Post