Virus Trojaner Totenkopf

Critical Android vulnerability opens up unimaginable possibilities for attackers

Trojaner Totenkopf virus

And the groundhog greets you every day. A new Android vulnerability appears on the horizon. It was discovered by the security company Promon, which it named StrandHogg 2.0. Hackers can act particularly vicious.

As soon as the newly discovered malware is on the smartphone, it can disguise itself as another application. The user starts a legitimate application, but accesses the malware. This asks you on behalf of the selected app to grant it different permissions. As soon as this is done, attackers can control practically all critical smartphone systems and thus obtain login data for online banking, compromising images and videos or recorded calls. And that doesn’t even require root access.

In general, according to the security experts at Promon, StrandHogg 2.0 can be used to perform the following activities:

  • Spy on users through the microphone
  • Take photos with the camera
  • Send and receive SMS
  • Make or record calls
  • Copy credentials
  • Get access to all your private photos and files
  • Get location data
  • View contact list
  • View phone records

Vulnerability: is your smartphone affected?

The answer to this question is probably “yes”. Because only smartphones with the Android 10 operating system were saved from the security breach. Devices with Android 9 Pie or earlier are affected. And according to Google’s own data, that’s just under 92 percent.

How can you protect yourself?

According to Promon, Google knows StrandHogg 2.0. Consequently, the American company wanted to release a security update this month that will eliminate the security breach. However, most users will have to wait a while for the update, because smartphone makers will have to adapt them to their user interfaces first, and that can take time.

All users can currently do is check the phone settings regularly for updates and install them as soon as they are available. Until then, you’d better refrain from installing apps from third-party sources. It is best to use the Google Play Store for this.