Posted on : 30 Jan 2020Views: 297
• StrandHogg is a software bug that exploits Android control settings called task Affinity and task Reparenting to allow apps including malicious ones to freely assume the identity of another task in the multitasking system. • It allows real-time malware applications to pose as genuine applications and access user data of all kind. • It can allow hackers to listen to the microphone, steal login credentials, take photos using the camera, read SMS and even access photos. • It allows the malicious activity to hijack the target’s task, so the next time the user opens the target app, the hijacked tasks will open up instead of the original tasks. • During this interception, the malicious app will seek permission to access the device’s camera, microphone, messages, GPS and storage. • If the user grants these permissions, the malicious app gains access to these components. • Currently, there is no effective block or even detection method against StrandHogg on the device itself. • It was first reported by Norway-based cybersecurity firm Promon and later confirmed by their partner firm Lookout. • The cybersecurity wing of Ministry of Home Affairs has issued a warning against this bug.
Article Related Questions
Consider the following statements regarding the recently discovered StrandHogg bug
1.It is known to target Windows and Ubuntu operating systems.
2.It allows real-time malware applications to pose as genuine applications and access user data.
3.There is no effective detection method against StrandHogg on the devices.
Which of the above statements are correct?
1.1 and 2 only
2.2 and 3 only
3.1 and 3 only
4.1, 2 and 3
Right Ans : 2 and 3 only