Cyber Security – CERTs, Policy, etc

StrandHogg Malware

Note4Students

From UPSC perspective, the following things are important :

Prelims level : StrandHogg

Mains level : Cyber Security

After Pegasus, the vulnerability in Android devices from a new malware StrandHogg has caught the eye of the cybersecurity wing of Ministry of Home Affairs

StrandHogg

  • Cybercriminals have found a malware to breach Android devices.
  • It is called StrandHogg, and it can allow them to listen to microphone, steal login credentials, take photos using camera, read SMS and even access photos.
  • The “Threat Analytical Unit” of Indian Cyber Crime Coordination Centre, has sent an alert to all states and police departments of a bug that can be exploited by malwares posing as genuine apps to spy on users.

So what is StrandHogg and why it targets Android devices?

  • At the heart of the issue is a weakness in the multi-tasking system of Android OS.
  • It basically exploits Android control settings called taskAffinity and taskReparenting to allow apps including malicious ones to freely assume identity of another task in the multitasking system.
  • It allows the malicious activity to hijack the target’s task, so the next time user opens the target app, the hijacked tasks will open up instead of the original tasks.
  • During this interception, the malicious app will seek permission to access the device’s camera, microphone, messages, GPS and storage.
  • If the user grants these permissions, the malicious app gains access to these components.
Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments