Android bug helps cybercriminals target bank accounts

Tuesday 3 December 2019 10:30 CET | News

A security flaw in Google’s Android software found by security experts at Promon has let cyber-thieves craft apps that can steal banking logins.

Called Strandhogg, the vulnerability can be used to trick users into thinking they are using a legitimate app when they are in fact clicking on an overlay created by the attackers. More than 60 financial institutions have been targeted by the technique, a survey of the Play store indicated.

The problem emerged after Norwegian mobile security company Promon analysed malicious apps that had been spotted draining bank accounts. Promon worked with US security company Lookout to scan apps in Android's Play store to see if any were being abused via the Strandhogg bug.

They found that 60 separate financial institutions were being targeted via apps that sought to exploit the loophole. Lookout said it found criminals used variants of a well-known money-stealing malicious app called BankBot.

Still, Google said it had taken action to close the loophole and was keen to find out more about its origins, according to the BBC.

Promon's chief technology officer welcomed Google's response, saying many other apps were potentially exploitable via the spoofing bug. But he noted that it still remained possible to create fake overlay screens in Android 10 and earlier versions of the operating system.

Keywords: Promon, android bug, security flaw, fraud prevention, data harvesting, banking bot, malware, cybersecurity, Google, bankbot
Countries: World