From UPSC perspective, the following things are important :
Prelims level : StrandHogg
Mains level : Cyber Security
After Pegasus, the vulnerability in Android devices from a new malware StrandHogg has caught the eye of the cybersecurity wing of Ministry of Home Affairs
- Cybercriminals have found a malware to breach Android devices.
- It is called StrandHogg, and it can allow them to listen to microphone, steal login credentials, take photos using camera, read SMS and even access photos.
- The “Threat Analytical Unit” of Indian Cyber Crime Coordination Centre, has sent an alert to all states and police departments of a bug that can be exploited by malwares posing as genuine apps to spy on users.
So what is StrandHogg and why it targets Android devices?
- At the heart of the issue is a weakness in the multi-tasking system of Android OS.
- It basically exploits Android control settings called taskAffinity and taskReparenting to allow apps including malicious ones to freely assume identity of another task in the multitasking system.
- It allows the malicious activity to hijack the target’s task, so the next time user opens the target app, the hijacked tasks will open up instead of the original tasks.
- During this interception, the malicious app will seek permission to access the device’s camera, microphone, messages, GPS and storage.
- If the user grants these permissions, the malicious app gains access to these components.