Promon, an app security firm from Norway, has identified a weakness with Android smartphones which exposes them to the StrandHogg malware. This flaw has the ability to attack the phone’s operating system and pose as another app, thus deceiving the user to enter their sensitive information such as passwords and usernames. The user, unaware that they are entering the data into a false form of the app, leaves them exposed as their credentials are sent straight to the attacker.
Identity thieves will be able to use this defect to access cryptocurrency wallets as they get hold of users app login details with ease. The firm have also reported that hackers will be able to access the microphone of the infected phone, read messages and access photos through StrandHogg.
The potential crisis looming has been illustrated by Tom Hansen, the Chief Technology Officer of Promon, as the company holds concrete evidence that StrandHogg is being used to steal confidential details. He expressed that nearly every version of an Android smartphone has been affected, with the majority of apps vulnerable meaning the scale of damage could be remarkable.