![]() Promon said it then partnered with Lookout, a US-based mobile security firm, which confirmed the vulnerability, and discovered 36 apps that were currently exploiting it in the wild. ![]() ![]() ![]() Promon said its Eastern European partner provided a sample for its researchers to analyze sample inside which they discovered the StrandHogg security flaw. The company said it “identified the StrandHogg vulnerability after it was informed by an Eastern European security company for the financial sector (to which Promon supplies app security support) that several banks in the Czech Republic had reported money disappearing from customer accounts.” Promon said this security flaw has already been exploited in the wild by malware gangs. The vulnerability - which Promon named StrandHogg - can also be used to show fake login (phishing) pages when taping on a legitimate application. In a comprehensive report published today, the research team said the vulnerability can be used to trick users into granting intrusive permissions to malicious apps when they tap and interact with legitimate ones. Security researchers from Promon our Norwegian technology partner who is specialized in in-app security protections said they identified a bug in the Android operating system that lets malicious apps hijack legitimate app, and perform malicious operations on their behalf.
0 Comments
Leave a Reply. |