advertisement
Another day, another malware has become the talk of town. This time, you won’t even come to know of its existence within your Android smartphone. Experts are calling it the "StrandHogg". According to them, this malware disguises itself in the form of basic apps that are available on various app stores for Android users.
The StrandHogg-infected app becomes capable of reading texts on your device or even access your phone’s camera to take photos without your consent.
But the scarier bit is that it can also create fake login pages, making you share confidential details like username and password with attackers.
According to security firm Promon, this malware doesn’t need root access to infect your device. It also can affect devices that are running on the latest Android 10 version.
The trouble is when you install apps the carrier malware manages to add more apps in the background, which ends up being the main reason for the malware to spread on your phone. Many suspected previously that the apps were being installed from the Google Play Store itself.
However, Ars Technica in a report confirmed that most of the affected apps were downloaded from third-party app stores, which anyway doesn’t guarantee protection to users or their devices.
Recent incidents of malware attacks through vulnerabilities in apps like CamScanner suggest that Google really needs to pull up its socks and make its app ecosystem malware-free, and even detect such apps early before they can cause large-scale damage.
Google, which claims to detect such malware issues in apps on the Play Store and remove them, didn’t find any issues on CamScanner, even when experts had discovered a malware, rooted through the app, which was capable of stealing confidential data from your device.
Usually, it’s difficult to tell if your phone has been infected with any malware, and with StrandHogg it’s no different.
The best way to look for any mischief on your device is to make sure you don’t click on web links that aren’t shared through known or authentic sources. Don’t give extra permissions to a particular app, and definitely don’t feed your username and password for money-related accounts.
If you manage to figure out that your phone is infected with the malware, then you can only get rid of it by factory resetting the device.
You can’t even take backups to the newly restored device, or else, the malware will jump back on to your phone, and install more apps to make it worse.
Downloading anti-virus apps may or may not work all the time for malware alerts, which is why, we recommend removing all the data from the phone and start using it like a new one.
(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)