Android StrandHogg vulnerability demo | Exploit | PoC | Malware

Подписаться 392 тыс.

Просмотров 23 тыс.

50% 1

Android StrandHogg vulnerability
Vulnerability allows malicious app to masquerade as any other app on the device.
If you launch Facebook, malware is executed.
In the video is simple exploitation of the vulnerability.
More info: promon.co/security-news/stran...
SUBSCRIBE: / lukasstefankoinfosec
FOLLOW: / lukasstefanko

Наука

Опубликовано:

1 дек 2019

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 27

@codenamepk 3 года назад

Which application is using in your phone to show the methods

@user4gent416 4 года назад

Download link for PoC please. I want to try it on my phone.

4 года назад

Hello Lukas. I can't clean up fake Flash Player apps from my phone ( Samsung Note 5 ) That fake Player don't let me clean itself. PLEASE help me how can I do it ??

@mobilehacker 4 года назад

[Update] StrandHogg was used by Android banking Trojan (BankBot) found on Google Play in 2017 Using "taskAffinity" it impersonated Google Play Store app to request credit card details from the victim. I created a PoC video to demonstrate StrandHogg in this 2 years old malware: twitter.com/ESETresearch/status/1202154415584694272 More info: www.welivesecurity.com/2017/09/25/banking-trojan-returns-google-play/

@atalyy 4 года назад

Hello Lukas :) I have a quick question, will my mcafee mobile antivirus stop all or majority of viruses from play store? Thanks in advance.

@mobilehacker 4 года назад

Hey Monika, it depends because antivirus simply cant detect this single thing as issue however, if it is used in malicious app then your mobile antivirus should protect you. So, the quick answer is yes, your antivirus can protect you if it is used in app with malicious functionality.

@atalyy 4 года назад

@@mobilehacker Thank you

@truelies5431 4 года назад

My old phone has it, it was disguised as Ccleaner, the phone had a lot of ads popping everywhere which made me install Ccleaner didn't help much so I decided to uninstall chrome (since ads were displaying as notifications from chrome) still didn't work ... Then decided to reinstall all apps.. Ads stopped popping but somehow the fake Ccleaner app keeps coming back ( it's called fireplo version 1.0) tried denying permissions..deleting "APPMARKET" folder which had pictures of ads in it...it just keeps coming back..how?

@nmsepic8798 4 года назад

Because your phone infected with adware malware if you are using old Android version then just reset your phone clear phone cache as well Also try to update your Android version

@truelies5431 4 года назад

@@nmsepic8798 Thanks buddy, I did that...I also realized there was a fake program on old family PC that pushed android malware whenever ADB was available

@lucamaina5001 4 года назад

Do you know if and when the patch will be published?

@mobilehacker 4 года назад

I dont think there will be any, since Google doesn't recognize it as bug. This is a legit Android functionality but, it can be misused for phishing by malware.