A new Android vulnerability has come to light and over 36 malicious apps are said to be exploiting it in the wild. Norwegian in-app security firm Promon has discovered this new vulnerability in the Android operating system. And well, it’s a super sneaky one. Dubbed StrandHogg, the vulnerability allows malicious apps to hijack genuine apps and perform malicious operations on their behalf.
It then discovered that a total of 36 apps were exploiting the flaw to trick users into granting intrusive permissions to malicious apps – while they thought they were using a legitimate app. Malicious apps were also able to serve fake login pages (phishing attack) inside these apps to further trick people into doling out their personal information.
