An old exploit for Android devices, called StrandHogg, emerged as early as 2015, has been refined and is currently in circulation in a new version, potentially lethal; this is reported by Promon, a well-known security company, which specified that the risk concerns all versions of Android and that the same attack method has already been used by some hackers in the past to gain access to home service credentials banking. According to reports by the security company, which has already prepared an information page for the benefit of affected users, there are at least 36 corrupted apps around the web that take advantage of StrandHogg; as if this were not enough, Promon has analyzed and tested the top 500 most popular applications by verifying that they are all potentially vulnerable. The exploit goes into action when a user calls a specific app, at this point between the various authorization screens, the one that grants very large privileges to the malware, which consequently takes possession of the device, is also inserted; only when the user unknowingly grants the permissions requested by the malware is then redirected by the malicious code on the app that he tried to open.

coindesk.com image
This type of exploit, if used with what are called "banking trojans", can allow the attacker to take possession of the victim's home banking and, since some Trojans allow to remember the keys pressed by the user, intercept the sms and forwarding calls elsewhere, so even cryptocurrency wallets are definitely at risk. Promon stated that it had discovered the malware during investigations following the complaint, made by several banks in the Czech Republic, concerning the disappearance of money from the accounts of its customers; from here then the whole chain has been climbed up to the point of identifying the vulnerability which, as mentioned, essentially concerns all versions of android. Although Google has promptly done to eliminate the 36 apps found infected, the fact remains that a solution against this type of vulnerability has not yet been found; in any case Google has declared to constantly monitor the apps in publication, also because as said StrandHogg is a vulnerability already known for which many of the malicious applications that are subjected to google scrutiny before ending up in publication on the store are intercepted and blocked upstream . It remains, ultimately, that our phone is probably not the most suitable device for managing our money, whether it is virtual currency or fiat currency, and this regardless of what we have written so far , in fact it is known that smartphones are the simplest devices to attack; perhaps the best thing is still to use a computer exclusively to manage our accounts, so as to avoid any kind of risk.