Security firm: Android vulnerability StrandHogg could steal crypto wallet information

On December 2, Norwegian application security company Promon discovered a dangerous Android vulnerability called StrandHogg. The vulnerability has been reported to have infected all versions of Android and put the top 500 most popular applications at risk. StrandHogg pretends to be any other application on the infected device, tricking users into believing that they are using a legitimate application. The vulnerability then allowed a malicious application to disguise the user's credentials by displaying a malicious and fake login screen. According to reports, in addition to stealing personal information such as encrypted wallet login credentials, StrandHogg can also listen to the user's voice through a microphone, read and send text messages, access all private photos and files on the device, and other illegal acts. Promon researchers further noted that they had revealed their findings to Google last summer. However, although Google did remove the affected applications, it did not appear to fix the vulnerability for any version of Android.