Security Newsletter

1 June 2020

New Android Flaw Affecting Over 1 Billion Phones Let Attackers Hijack Apps

A security vulnerability affecting Android that malicious apps can exploit to masquerade as any other app installed on a targeted device to display fake interfaces to the users, tricking them into giving away sensitive information. The same team of Norwegian cybersecurity researchers today unveiled details of a new critical vulnerability (CVE-2020-0096) affecting the Android operating system that could allow attackers to carry out a much more sophisticated version of Strandhogg attack.

Dubbed 'Strandhogg 2.0,' the new vulnerability affects all Android devices, except those running the latest version, Android Q / 10, of the mobile operating system—which, unfortunately, is running on only 15-20% of the total Android-powered devices, leaving billions of rest of the smartphones vulnerable to the attackers. However, unlike StrandHogg 1.0 that can only attack apps one at a time, the latest flaw could let attackers "dynamically attack nearly any app on a given device simultaneously at the touch of a button," all without requiring a pre-configuration for each targeted app

Security researchers responsibly reported the new vulnerability to Google in December last year. After that, Google prepared a patch and shared it with smartphone manufacturing companies in April 2020, who have now started rolling out software updates to their respective users from this month.

 

More #News

 

#Patch Time!

 

#Tech and #Tools

This content was created by Kindred Group Security. Please share if you enjoyed!

Kindred Group in brief

Kindred is one of the largest online gambling companies in the world with a diverse team of 1,600 people serving over 26 million customers across Europe, Australia and the US. We offer pre-game and live Sports betting, Poker, Casino and Games through 11 brands across our markets. We are committed to offer our customers the best deal and user experience possible, while ensuring a safe and fair gambling environment. Kindred is a pioneer in the online gambling industry and is an innovation driven company that builds on trust.