Researchers warn Android users of a new malware

COLOMBO (News1st): Security researchers have warned users of Android versions 9.0 and earlier, about a malware that can steal sensitive data including passwords, using a malicious app. StrandHogg 2.0, can trick a user into providing login details, by displaying a malicious version of an app when the icon of a legitimate app is clicked, researchers at Promon - a Norway based app protection firm, said. "If the victim then inputs their login credentials within this interface, those sensitive details are immediately sent to the attacker, who can then login to, and control, security-sensitive apps," the firm added. According to Google, 91.8 percent of Android active users worldwide are on version 9.0 or earlier. "Android users should update their devices to the latest firmware as soon as possible in order to protect themselves against attacks utilising StrandHogg 2.0," Promon said. The researchers warned that attacks carried out using StrandHogg 2.0 will be "harder for anti-virus and security scanners to detect", posing a significant danger to the user. The malware can read and send SMS messages, make or record phone conversations, while also accessing private photos, files, contact lists, and phone logs.