HomeNewsStrandhogg 2.0 Malware Disguises as Legitimate Apps, Posing Serious Threat to Android...

Strandhogg 2.0 Malware Disguises as Legitimate Apps, Posing Serious Threat to Android Users’ Data Security

If you purchase via links on our reader-supported site, we may receive affiliate commissions.
cyberghost vpn ad

In a concerning development, cybersecurity researchers have discovered a new variant of malware known as “Strandhogg 2.0” targeting Android devices.

This sophisticated malware disguises itself as a legitimate app, tricking users into granting sensitive permissions and stealing their personal data.

Android users are urged to exercise caution and take preventive measures to safeguard their devices and personal information.

The Android bug as uncovered by security researchers is a major vulnerability that is present in almost all versions of Android OS. This “Strandhogg 2.0” malware which was named after the Norse term for brutal takeover poses as a legitimate app to steal sensitive data like passwords and the like.

It was named the “evil twin” due to the similar way it operates like Strandhogg 1.0 which was discovered about six months ago with a capacity to affect devices running on the lowest Android version to version 10.0 as discovered by the Norwegian security firm Promon.

Strandhogg 2.0 operates by deceiving potential victims into believing they are typing in their login details on a legitimate app without knowing they are on a malicious app. Strandhogg 2.0 malware can also hijack the app’s user authorization to drain off the victims’ vital data.

It is said to be more dangerous and tricky than Strandhogg 1.0 with a feature that makes it “virtually undetectable” according to Tom Lysemose Hansen, the CEO of Promon.

Strandhogg 2.0 takes advantage of a vulnerability in the Android operating system, allowing it to impersonate popular and trusted apps installed on the device.

Once installed, the malware can exploit permissions granted to these legitimate apps, potentially accessing sensitive data such as login credentials, financial information, and private messages.

The malware operates stealthily in the background, making it difficult for users to detect its presence. It can overlay fake login screens on top of legitimate apps, tricking users into entering their login credentials, which are then captured by the attackers.

Additionally, Strandhogg 2.0 can intercept SMS messages, record phone conversations, and perform other malicious activities without the user's knowledge.

Promon disclosed that there is no evidence the hackers have started using the bug in an active hacking campaign but that it is good the malware has been detected even with the fears of the bug being exploited anytime soon by the hackers.

Google's Response To Strandhogg 2.0 Malware

Google is working on fixing the vulnerability very soon according to the spokesperson of Google while insisting that there are no active attacks yet. “Google appreciates the efforts of the research team and has released a fix for the identified vulnerability”.

He concluded by saying Google Play Protect, an app screening service was built into all Android devices to help block apps that exploit the Strandhogg 2.0 vulnerability.

Tips To Protect Your Android Device Against Strandhogg 2.0 Malware

The implications of this malware are alarming, as it can potentially lead to identity theft, financial loss, and unauthorized access to personal information.

To protect themselves from Strandhogg 2.0 and similar threats, Android users are advised to follow these security measures:

  1. Update and Patch: Keep your Android device's operating system and apps up to date with the latest security patches. Regularly check for system updates and install them promptly.
  2. Install from Trusted Sources: Only download and install apps from official app stores such as Google Play Store, which have security measures in place to minimize the risk of malware.
  3. Check App Permissions: Pay attention to the permissions requested by apps during installation. Be cautious if an app requests excessive or unnecessary permissions that seem unrelated to its functionality.
  4. Enable Two-Factor Authentication: Enable two-factor authentication (2FA) whenever possible to add an extra layer of security to your accounts. This can help mitigate the risk of unauthorized access even if your credentials are compromised.
  5. Use a Reliable Mobile Security Solution: Install a reputable mobile security app that offers real-time scanning, malware detection, and protection against malicious apps.

It is crucial for Android users to remain vigilant and practice safe browsing habits to minimize the risk of falling victim to the Strandhogg 2.0 malware and similar threats.

Regularly monitoring app permissions, staying updated with security patches, and exercising caution while downloading and installing apps can go a long way in ensuring the security of personal data on Android devices.


John Raymond
John Raymond
John Raymond is a cybersecurity content writer, with over 5 years of experience in the technology industry. He is passionate about staying up-to-date with the latest trends and developments in the field of cybersecurity, and is an avid researcher and writer. He has written numerous articles on topics of cybersecurity, privacy, and digital security, and is committed to providing valuable and helpful information to the public.


Delete Me
Incogni Black Friday Ad
Heimdal Security ad


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.