Promon security researchers have uncovered a vulnerability that could allow cybercriminals to access private information on any Android phone.

500 most popular apps are at risk

On Dec. 2, the Norwegian app security firm Promon revealed the discovery of a dangerous Android vulnerability called StrandHogg, which has reportedly infected all versions of Android and has put the top 500 most popular apps at risk. Promon CTO Tom Lysemose Hansen commented:

"We have tangible proof that attackers are exploiting StrandHogg in order to steal confidential data. The potential impact of this could be unprecedented in terms of scale and the amount of damage caused because most apps are vulnerable by default and all Android versions are affected."

How does StrandHogg work?

StrandHogg poses as any other app on the infected device and tricks users into believing that they are using a legitimate app. The vulnerability then allows malicious apps to phish users' credentials by displaying a malicious, fake version of a login screen. The report reads:

"When the victim inputs their login credentials within this interface, sensitive details are immediately sent to the attacker, who can then login to, and control, security-sensitive apps."

Aside from stealing personal data like crypto wallet login credentials, StrandHogg can also reportedly listen to the user through their microphone, read and send text messages, and access all private photos and files on the device, among other nefarious exploits.

The Promon researchers further pointed out that they disclosed their findings to Google last summer. However, while Google did remove the affected apps, it does not appear as if the vulnerability has been fixed for any version of Android.

Criminals use YouTube to install cryptojacking malware

In November, the Slovakian software security firm Eset uncovered that cybercriminals behind the Stantinko botnet have been distributing a Monero (XMR) cryptocurrency mining module via YouTube. The major antivirus software supplier reported that the Stantinko botnet operators had expanded their criminal reach from click fraud, ad injection, social network fraud and password stealing attacks, into installing crypto mining malware on victims' devices using YouTube.