Once upon a time in old Scandinavia, there were Vikings who used to raid the coasts with the intention of capturing livestock and indigenous peoples for the slave trade. They had well developed spy networks that informed them of the local customs, the dates of religious feasts, helped with translation and indicated places to plunder and personalities to be removed and held for ransom. This tactic of coastal raids was called the Strandhögg tactic.
In late 2019, Researchers with Norwegian app security company Promon found a bug in Android devices that enabled attackers to abuse legitimate apps for delivering malware so they can track users without their knowledge. So, they dubbed it as “StrandHogg.”
Recently, the same app security company Promon has found a new strain of the same bug. StrandHogg 2.0, which affects most versions of Android, lets malicious apps pose as legitimate apps while hiding from victims. The vulnerability is called the CVE-2020-0096. However, StrandHogg 2.0 does not affect devices running Android 10 and researchers have not seen any malware exploiting this vulnerability too.
Høegh-Omdal wrote that like its predecessor, StrandHogg 2.0 does not need any root access or Android permissions to run! Høegh-Omdal believes that any malware exploiting StrandHogg 2.0 will be extremely difficult for the antiviruses and security scanners to detect. Also Google has classified this vulnerability as Critical, releasing a patch to Android ecosystem partners last month. Fixes for Android versions 8.0, 8.1, and 9.0 are also supposed to be rolled out this month.
