Norwegian cybersecurity researchers today unveiled details of Strandhogg 2.0 a security vulnerability that is affecting Android.
The malicious apps can masquerade as any other app installed on a targeted device and is then able to display fake interfaces to the users, tricking them into giving away sensitive information.
StrandHogg 1.0 was discovered late last year and researchers confirmed that some attackers were already exploiting the flaw in the wild to steal users’ banking and other login credentials, as well as to spy on their activities.
Strandhogg 2.0 is one up on it’s predecessor it can attack nearly any app on a given device simultaneously at the touch of a button. Strandhogg 2.0 affects all android users except those running the latest version, Android Q / 10.
Original Source: The Hacker News