Mobile app downloads totalled 194 billion in 2018. Of these, 76 billion were through the Google Play Store and 30 billion were through the iOS App Store. People are spending more time on their mobile devices browsing content, shopping online, making transactions and more.

Security on mobile phones is a rising concern. BBC News reported in December 2019 on a vulnerability in the Android system known as StrandHogg. It is the most challenging vulnerability, as it has a significant security impact on Android phone users whether or not the device has been rooted.

What is StrandHogg?

Discovered by Promon, StrandHogg allows real-life malware to pose as any legitimate app without the user being aware of it. StrandHogg is unique because it enables sophisticated attacks without the need for a device to be rooted. It uses a weakness in Android's multitasking system to enact powerful attacks that allow malicious apps to masquerade as any other app on the device. The exploit is based on an Android control setting called ‘taskAffinity’, which allows any app, including malicious ones, to freely assume any identity it desires in the multitasking system.
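A defender can look for this setting when reviewing an app's manifest. The sketch below is an added example, not code from Promon or i-Sprint: it assumes a decoded (plain-text) AndroidManifest.xml, the package names and the audit_task_affinity helper are made up for illustration, and it also records android:allowTaskReparenting, a real manifest attribute that this article does not mention.

```python
import xml.etree.ElementTree as ET

# Attribute names in a decoded manifest live in the Android XML namespace.
A = "{http://schemas.android.com/apk/res/android}"

# Constructed sample manifest; package and activity names are made up.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.flashlight">
  <application android:label="Flashlight">
    <activity android:name=".MainActivity" />
    <activity android:name=".SettingsActivity"
              android:taskAffinity="com.example.flashlight.settings" />
    <activity android:name=".OverlayActivity"
              android:taskAffinity="com.example.bank"
              android:allowTaskReparenting="true" />
  </application>
</manifest>
"""


def audit_task_affinity(manifest_xml):
    """List activities whose taskAffinity names something outside the app's own package."""
    root = ET.fromstring(manifest_xml)
    package = root.get("package", "")
    app = root.find("application")
    if app is None:
        return []
    # A taskAffinity on <application> is the default for every activity in it.
    app_affinity = app.get(A + "taskAffinity")
    findings = []
    for node in app.findall("activity") + app.findall("activity-alias"):
        affinity = node.get(A + "taskAffinity", app_affinity)
        if not affinity:
            continue  # unset (defaults to own package) or "" (no affinity)
        # Heuristic: the app's own package, or a name beneath it, is expected.
        if affinity == package or affinity.startswith(package + "."):
            continue
        findings.append({
            "activity": node.get(A + "name"),
            "task_affinity": affinity,
            "allow_task_reparenting": node.get(A + "allowTaskReparenting") == "true",
        })
    return findings


if __name__ == "__main__":
    for finding in audit_task_affinity(SAMPLE_MANIFEST):
        print(finding)
```

A finding is a prompt for manual review rather than proof of malice, since an app can have legitimate reasons to set its own task affinity.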

What can it do?

With StrandHogg, hackers can distribute malicious apps through the Android app store or as APK downloads on other websites. If a phone user downloads one, it may affect any legitimate app on the same device.

Dangerous Permission Harvesting

Powerful Phishing Attacks

Once the vulnerability is exploited by hackers, the consequences faced by phone users are:

  • Stealing usernames and passwords (Phish login credentials)
  • Draining bank accounts
  • Reading and sending SMS messages
  • Accessing all private photos and files on the device
  • Making and/or recording phone conversations
  • Spying through a phone’s camera and microphone
  • Tracking user’s movements and location
  • Accessing user’s contact list, phone logs, emails

For more information on StrandHogg, please visit Promon.

How Can a Company Protect Its App and Consumers?

i-Sprint’s YESsafe AppProtect+ proactively protects mobile apps against various risks and attacks, allowing mobile apps to run securely even on highly infected devices.

Compared with traditional antivirus software, AppProtect+ can protect an app without virus database updates or an internet connection. Compared with hardened-app solutions, AppProtect+ can prevent passive attacks (such as reverse engineering, repackaging and source code modification) and respond by taking the necessary measures if real-time attacks are detected while the app is running. So, full protection is achieved.

AppProtect+’s Core Functions include:

  • Anti-reverse engineering & Anti-tampering
  • Anti-debugger
  • Anti-stealing
  • Client Management from Server

Some companies in the region, such as Bank of East Asia, CITIC Bank (International), CMB Wing Lung Bank, RHB Malaysia & Singapore, Merchantrade Asia, Bank Muamalat Malaysia, Sing Investments and Finance, Rabobank Singapore and MSIG, are already using AppProtect+ to protect their company apps against vulnerabilities such as StrandHogg.

To learn more about AppProtect+, please click here.

Enterprises, you can do your part to enhance the security level of your mobile app to protect your company and your users.

Be Proactive | Be Safe | Secure Your App with AppProtect+

i-Sprint is providing a complimentary check of your company’s app for vulnerability to StrandHogg. To submit your app for checking, please click on the button below.