HomeNewsStrandhogg 2.0 malware disguises as real apps to steal user data on...

Strandhogg 2.0 malware disguises as real apps to steal user data on Android devices

If you purchase via links on our reader-supported site, we may receive affiliate commissions.

The Android bug as uncovered by security researchers is a major vulnerability that is present in almost all versions of Android OS. This “Strandhogg 2.0” malware which was named after Norse term for brutal takeover poses as legitimate apps to steal sensitive data like passwords and the like. It was named as the “evil twin” due to the similar way it operates like Strandhogg 1.0 which was discovered about six months ago with a capacity to affect devices running on the lowest Android version to version 10.0 as discovered by the Norwegian security firm Promon.

Strandhogg 2.0 operates by deceiving potential victims into believing they are typing in their login details on a legitimate app without knowing they are on a malicious app. Strandhogg 2.0 malware can also hijack the app’s user authorization to drain off the victims’ vital data. It is said to be more dangerous and tricky than Strandhogg 1.0 with a feature that makes it “virtually undetectable” according to Tom Lysemose Hansen, the CEO of Promon.

This malware can also exploit the vulnerability without root access with about 500 most popular at risk when an attack from hackers is successful, they can also listen to the victim’s conversations, read and send out SMS from victim’s device, make phone calls from victim’s phones, steal login details and also have access to both the victim’ photos and files present on the device. This makes it a potent android malware as highlighted by Promon research experts.

Promon disclosed that there is no evidence the hackers have started using the bug in an active hacking campaign but that it is good the malware has been detected even with the fears of the bug being exploited anytime soon by the hackers.

Google’s Response To Strandhogg 2.0 Malware

Google is working on fixing the vulnerability very soon according to the spokesperson of Google while insisting that there are no active attacks yet. “Google appreciates the efforts of the research team and has released a fix for the identified vulnerability” He concluded by saying Google Play Protect, an app screening service was built into all Android devices to help block apps that exploit the Strandhogg 2.0 vulnerability.



Subscribe to SecureBlitz Newsletter

* indicates required
John Raymond
John Raymond
John Raymond is a cybersecurity content writer, with over 5 years of experience in the technology industry. He is passionate about staying up-to-date with the latest trends and developments in the field of cybersecurity, and is an avid researcher and writer. He has written numerous articles on topics of cybersecurity, privacy, and digital security, and is committed to providing valuable and helpful information to the public.


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.