Promon researchers have just exposed a Strand Hogg 2.0 privilege promotion vulnerability that affects lower-version systems such as Android 9.0, and if exploited by hackers, all of the user’s applications will be exposed. Promon informed Google of the CVE-2020-0096 security vulnerability, and the search giant has downgraded it to “severe.” Fortunately, the vulnerability has not yet been widely exploited in the wild. But after today’s revelations, tens of millions of Android device users will become more vulnerable.
The Promon bulletin states that the vulnerability allows malicious applications to obtain a hypothetical legal identity while completely hiding themselves.
Once a malicious app is installed on a device, it can infect the user’s personal data, such as text messages, photos, login credentials, tracking GPS motion, calling logs, and listening to users through cameras and microphones.
Promon said Google received a vulnerability disclosure notice on December 4, 2019, meaning the search giant had five months to fix the vulnerability before it came to public exposure.
The CVE-2020-0096 bug fix (covering Android 8.0 / 8.1 / 9.0) is already included in the April 2020 security patch for Android Eco Partners.
Strand Hogg 2.0 – The evil twin – Of Concept (via)
It is important to note that Strand Hogg 2.0 is more complex than the initial vulnerability, making it difficult to detect by anti-virus and security scanners.
End users need to be careful not to install Android apps from untrusted sources that are unknown to protect them from such malicious attacks.