StrandHogg Bug is a bug which used to breach Android devices.
It targets Android control settings called taskAffinity and taskReparenting to allow applications including malicious apps to easily access through spoofed User Interface in the multitasking system.
This Bug don’t reside on Google play but it is installed through several dropper apps or hostile downladers distributed by Google play.
Dropper Apps: It is an app which pretends like a popular apps but they also install additional apps in our device while downloading which can be malicious or steal data.
Presently, there is no effective method to block or detect the bug. So, we can take some precautionary steps to get prevented from the bug.
We should be alert, if following discrepancies occur in our device:
- An app or service which we are already logged in, if asks for login.
- Permission popups that does not contain an app name
- Permission asked from an app that shouldn’t require or need the permissions it asks for. For eg., a calculator app asksin for GPS permission.
- Typos and mistakes in the User Interface
- Buttons and links in the user interface that does nothing when clicked on
- Back button does not work like expected.
Recently, Threat Analytical Unit of Indian Cyber Crime Coordination Centre, Union Home Ministry has sent an alert to all the states and police department about the bug.