S. Vijay Kumar

All versions of Android, including Android 10, are vulnerable to this bug  

A bug, ‘StrandHogg’, allows malware applications to pose as genuine applications

The Union Home Ministry has sent an alert to all States warning them about the vulnerability of the Android operating system to a bug called ‘StrandHogg’ that allows real-time malware applications to pose as genuine applications and access user data of all kind.

While all versions of Android, including Android 10, are vulnerable to this bug, it may not be apparent to the affected users that malware applications are already on board their device. These malware can then potentially listen to their conversations, access photo album, read/send messages, make calls, record conversations and get login credentials to various accounts.

This apart, things that such malware can access include private images, files, contact details, call logs, and location information.

The information was shared by the Threat Analytical Unit, Indian Cyber Crime Coordination Centre, Ministry of Home Affairs. “At least 500 popular apps are at risk because of this malware that hackers can deploy to attack mobile phone users. An alert has been sent to all senior police officials to sensitise them to the threat. Steps will be taken to create awareness among the public on the vulnerability of Android to ‘StrandHogg’,” a police official said.

Warning signs

Pop-ups asking for permission to send notifications, messages etc., are one of the main entry points for ‘StrandHogg’ to launch the attack. An app in which the user is already logged in asking him/her to login again is another anomaly pointing to the possibilities of a cyberattack. Once users approve such requests, the malware would instantly access the mobile phone or tablet for specific purposes. “It can activate the microphone, allowing a hacker in a remote location to listen to live conversations. The camera can also be switched on to capture visuals.”

Links and buttons that become non-functional, apps asking for permissions that are not required are among the other warning signs.

The Ministry also sent a detailed list of the modus operandi of the hackers and latest trends in cyberattacks for appropriate action of the States.