Android Cyber Vulnerability: Commentary From Expert

A new vulnerability, called Strandhogg, has been found to give cyber attackers the ability to create fake login screens that can be inserted into legitimate apps to steal login details and harvest data.

Shlomie Liberow, Technical Program Manager,  HackerOne
December 03, 2019
Often malicious apps can give away tell-tale signed such as a drained battery.
A fair bit of skepticism should be applied when downloading any application to your phone, but unfortunately there may be some apps that slip through and give a false sense of authenticity. When installing applications, it is important to note the permissions it is requesting. As an example, an alarm clock app requesting access to your photos or location is a huge red flag – think about what the application actually needs access to. In addition, often malicious apps can give away tell-tale signed such as a drained battery. These apps are likely to operate in the background and are constantly running in order to steal data and access files. Mobile operating systems have come a long way in terms of safety in recent years but good old fashioned vigilance and wariness will do a lot to avoid any bad actors that are taking advantage of vulnerabilities.

If you are an expert on this topic:

Dot Your Expert Comments

SUBSCRIBE to alert when new comments are posted on this news. :

Join the Conversation

Join the Conversation

In this article