Is the Strandhogg 2.0 Android Exploit Something You Should Worry About?

Catherine Harris

By Catherine Harris


It’s been a busy year so far for security researchers! This time we’re reporting on a new Android exploit known as ‘Strandhogg 2.0’. This exploit affects devices running Android 9.0 or below, which means that potentially over 80% of current Android phones and tablets could be vulnerable.

Now, unlike a lot of security threats to Android, this one is actually a problem within the Android operating system itself. This opens up a potential for hackers to infiltrate the Android device and steal critical personal information.

Discovered by a Norwegian security research team, this exploit has been found to be very similar in nature to another recently discovered exploit named ‘Strandhogg 1.0’. This threat has been described by the Nords as Strandhogg’s ‘Evil Twin’ hence the 2.0 naming.

How does Strandhogg 2.0 work?

Strandhogg 2.0 works by utilizing the multitasking features of Android that allow a user to switch between apps. It manipulates this feature to send the user to a fake app posing as the real thing (a duplicate of an app on the user’s phone) and requests their login details.

These details are then sent directly to the hacker who can then use them to log in and collect whatever data they are seeking.

This requires the hacker to install a malicious app onto the device that will then be able to inject its code into the multitasker and create the fake login pages required by the hacker.

Should I be worried?

There is no evidence, according to Google, that this exploit has been used in a real-life situation as of yet. That means you can rest assured that you have not already been compromised by this attack.

It also seems that the most recent Android version, Android 10.0, is not affected by this bug. That said, Google is holding off on releasing more information on this threat to prevent hackers from properly manipulating it.

How can I protect myself against it?

Because this exploit only seems to be affecting versions 9.0 or lower, you should update your device as soon as possible to Android 10.0, if your device supports it.

Alongside this, it’s also important to ensure that you’re only downloading apps from the official Google Play Store as third-party sources could be providing apps with malicious code embedded within them.

Here’s how to update your Android device to ensure it has the latest security updates (may differ depending on the device):

  1. Open Settings
  2. Tap System > Advanced > System Update
  3. Follow the on-screen instructions

Another step you can take to help improve your device’s security is to install security software such as our industry-leading Android app: Certo Mobile Security.

This can be downloaded directly from the Play Store and will allow you to scan your device for any threats and risks to your device’s overall security.

It’s completely free to download and will help you to protect your important personal information. Simply click here to get started.