loading... droid4gamers

Home Advertisement

Trending Now

Post Page Advertisement [Top]

Android News

serious problem threatens Android device users

A security company has issued a stern warning to Android users about a new disturbing bug that allows access to user login data for their bank accounts and other personal services.

The flaw allows Internet thieves to create fake login screens that can be inserted into certain applications, to collect sensitive data, Russia reported today.

The bug was discovered by the app security company Promon, after it analyzed the malicious apps that were detected draining bank accounts.

The newly discovered vulnerability, called Strandhogg, allows users to be tricked into making them believe they are using a legitimate application, but they actually click on the overlay screens created by Internet thieves.

Promon said the vulnerability could be used to perform an operation called "permissions harvesting" where hackers can access user microphones, camera, SMS and more.

Tom Hansen, chief technology officer of Norwegian mobile security company Promon, said he had "tangible evidence" that malicious third parties had already started taking advantage of the weakness of "many banks" and used StrandHogg to access devices and applications.

Promon identified the problem of StrandHogg after being informed by an Eastern European financial sector security company that several banks in the Czech Republic reported the disappearance of funds from client accounts.

Promon has teamed up with its US bankbot, the security firm, to search the Google Play store for applications that carry the StrandHogg loophole, and reported that the loophole targeted 60 different financial institutions.

The Norwegian security company sent its findings to Google, which has since responded to the report and began reassuring Android users that it has "suspended" any "potentially harmful" application that has been identified.

"We appreciate the work of researchers, and we have stopped potentially harmful applications," Google said in a statement. "In addition, we continue to investigate to improve the ability of Google Play's protection to protect users from similar problems."
Tags:

No comments:

Post a comment

Bottom Ad [Post Page]

Contact Us

Contact Form

Name

Email *

Message *