Android StrandHogg vulnerability demo | Exploit | PoC | Malware
Вставка
- Опубліковано 8 вер 2024
- Android StrandHogg vulnerability
Vulnerability allows malicious app to masquerade as any other app on the device.
If you launch Facebook, malware is executed.
In the video is simple exploitation of the vulnerability.
More info: promon.co/secu...
SUBSCRIBE: / lukasstefankoinfosec
FOLLOW: / lukasstefanko
[Update]
StrandHogg was used by Android banking Trojan (BankBot) found on Google Play in 2017
Using "taskAffinity" it impersonated Google Play Store app to request credit card details from the victim.
I created a PoC video to demonstrate StrandHogg in this 2 years old malware: twitter.com/ESETresearch/status/1202154415584694272
More info: www.welivesecurity.com/2017/09/25/banking-trojan-returns-google-play/
Which application is using in your phone to show the methods
Hello Lukas. I can't clean up fake Flash Player apps from my phone ( Samsung Note 5 ) That fake Player don't let me clean itself. PLEASE help me how can I do it ??
Download link for PoC please. I want to try it on my phone.
Hello Lukas :) I have a quick question, will my mcafee mobile antivirus stop all or majority of viruses from play store? Thanks in advance.
Hey Monika, it depends because antivirus simply cant detect this single thing as issue however, if it is used in malicious app then your mobile antivirus should protect you. So, the quick answer is yes, your antivirus can protect you if it is used in app with malicious functionality.
@@mobilehacker Thank you
My old phone has it, it was disguised as Ccleaner, the phone had a lot of ads popping everywhere which made me install Ccleaner didn't help much so I decided to uninstall chrome (since ads were displaying as notifications from chrome) still didn't work ... Then decided to reinstall all apps.. Ads stopped popping but somehow the fake Ccleaner app keeps coming back ( it's called fireplo version 1.0) tried denying permissions..deleting "APPMARKET" folder which had pictures of ads in it...it just keeps coming back..how?
Because your phone infected with adware malware if you are using old Android version then just reset your phone clear phone cache as well
Also try to update your Android version
@@nmsepic8798 Thanks buddy, I did that...I also realized there was a fake program on old family PC that pushed android malware whenever ADB was available
Call data app hack how to plz bro
dónde se descarga?
Do you know if and when the patch will be published?
I dont think there will be any, since Google doesn't recognize it as bug. This is a legit Android functionality but, it can be misused for phishing by malware.
@@mobilehacker that's really stupid, insanely easy phishing
I also successfully tested this code and I will record an attack video
where is exploit ?
Exploit is on my local disk. I will not publish PoC code, since the issue is not fixed.
Skiddie...
Yuval 🖕🏼
I have the exploit!
DM : bboyben234@gmail.com
Marsh Arcan it's better by telegram or protonmail bro.
Couldn't you just put the Facebook icon and name over the clean activity in this demo? lol
That would do the trick however, that is why after testing the first PoC I actually launched Facebook to demonstrate that it is the real one. :).
:)