Discover and read the best of Twitter Threads about #StrandHogg

Most recents (2)

1/ Thread about #StrandHogg

So a “new” #Android vulnerability with the usual pack (name, website, fancy logo) is in town. #StrandHogg is far from being new. Task hijacking in Android has been documented in 2015 usenix.org/system/files/c…
2/ It is also a documented feature in the Android developer documentation developer.android.com/guide/componen…
3/ Yes sure you don’t need root to exploit #StrandHogg but you still need to comprise the victim’s device first by installing a malicious app on it
Read 11 tweets
Beware #Android Users!

A new unpatched #vulnerability — dubbed Strandhogg — in Android could let malicious apps take extensive control over your device & steal your login credentials.

Details: thehackernews.com/2019/12/strand…

Dozens of apps are already exploiting this flaw in the wild.
@Swati_THN 1) #Phishing Attacks:

#Strandhogg task hijacking vulnerability can be exploited to display a fake user interface (UI) while tricking users into thinking they are using a legitimate app, making it easy for the malware to steal their credentials using spoofed login interfaces.
@Swati_THN 2) Fraudulently Requesting Permissions:

A malicious app can also escalate its capabilities significantly by tricking users into granting sensitive device permissions while posing as a legitimate app.

Read more: thehackernews.com/2019/12/strand…

#infosec #hacking #cybersecurity
Read 4 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!