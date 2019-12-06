A new Android vulnerability has been found which is being called Strandhogg. This new vulnerability allows hackers to steal your bank login and details. The worst part about Strandhogg is that 60 different banks and financial institutions are targeted. Read on to learn more details about this new security vulnerability and how it works.

Strandhogg Vulnerability Targeting Financial Institutions to Steal Bank Credentials

We’ve told you about a lot of Android vulnerabilities over the years and we have a new one to tell you about this week. There’s a new vulnerability that has been called Strandhogg, which is impacting Android devices all over the place. Security researchers found this new vulnerability and it appears to have targeted over 60 different financial institutions.

Essentially, with Strandhogg, hackers are able to duplicate the login screens of some of the most popular financial institutions. You think you’re entering your login details to check your bank account, but it’s actually a fake login page. Once you’ve entered your details, the hackers are able to harvest the data and steal your bank credentials. Google was alerted to this new Strandhogg vulnerability and said that it would close all loopholes that allowed these fake apps to get onto the Google Play Store.

Strandhogg Malware Successful in Stealing Bank Credentials

Promon, which is the security firm that found Strandhogg, said that this malware was successful in doing what it set out to do. Bank credentials were indeed stolen and money has been stolen using the fake login screens created by the hacker. The attacker managed to create fake login screens for over 60 financial institutions and appears to have been successful at least on some of them.

This all started back when Promon began looking at various malicious apps that were confirmed to have been stealing money from various bank accounts. A lot of people thought they were downloading and using the legitimate bank app. Instead, the hacker was able to duplicate the app and get it onto the Google Play Store. People would then download the app not knowing it was fake. At that point, people would begin entering their login details to their bank accounts.

The overlay of the login page was created by the hackers and it looks real. Security researchers say that this is definitely a new and more complex attack. Promon noticed what was going on and began working with Lookout, which is a security firm in the United States. Together these security firms began scanning various Android apps found in Google Play Store.

The researchers found that several different apps contained Strandhogg vulnerability. In total, over 60 different financial institutions ended up as targets with these fake apps. Bankbot, which is one of the most well-known apps for stealing money was used to carry out the attack. It was a variation of Bankbot that was responsible for this particular attack.

Google Suspends All Apps After Strandhogg Vulnerability Found & Successfully Stole Money

While it might be a little bit late, Google has responded and said it removed all of the apps that were part of the Strandhogg vulnerability. Those apps were removed and suspended from Google Play and Google is continuing to investigate the entire situation. Google Play Protect is supposed to protect those on Android from situations like this, but it appears Play Protect misses quite a few of these malicious apps. Hopefully, Google will be able to make Play Protect better so that instances like this stop happening to people, especially when malicious apps like Strandhogg are successful in stealing money.

The spoofing bug is to blame for this situation and even Android 10 is vulnerable to this. It doesn’t matter if you are on Android 10 or Android 9, you can still create these fake overlay screens. By Android 10, we would have thought Google would have fixed these issues, but apparently not. In the comments below, we want to know if you have ever been scammed on Android due to vulnerabilities like Strandhogg. What else do you think Google can do to better protected users on Android?