Security researchers are warning consumers about an Android flaw, dubbed StrandHogg, that lets a malicious app show a fake log-in screen in place of a legitimate one and steal your log-in details.
It is unclear how many people have unwittingly installed apps that exploit StrandHogg, but it is understood that around 60 financial institutions have been targeted.
Fake log-in screens
The attackers are exploiting what the researchers call ‘a major security weakness’ in Android: a malicious app already on the phone can display a fake log-in screen over a legitimate app at the moment the user opens it, so the credentials typed into that screen go to the attackers rather than to the real app.
Tom Hansen is the chief technology officer of Promon, the Norwegian mobile security firm that discovered the flaw. He said: “It targeted several banks in several countries and the malware successfully exploited end users to steal money.”
The discovery was made after the firm began analysing malicious apps that had been used to drain bank accounts.
Hansen said: “We’d never seen this behaviour before. As the operating system gets more complex it’s hard to keep track of all its interactions. This looks like the kind of thing that gets lost in that complexity.”
The StrandHogg vulnerability is used to trick mobile banking users into thinking they are typing into a legitimate app, when they are in fact entering their details into an overlay controlled by the attackers.
After the discovery, Promon worked with the American security firm Lookout to scan apps available on Google’s Play Store. They found that 60 financial institutions had been targeted by malicious apps exploiting StrandHogg, linked to the well-known banking trojan family known as ‘BankBot’.
Google, which operates the Play Store, said it had removed the apps the researchers identified and was continuing to investigate how the issue had arisen.
In a statement it said: “We appreciate the researchers’ work and have suspended the potentially harmful apps they identified. Additionally, we’re continuing to investigate in order to improve Google Play Protect’s ability to protect users against similar issues.”
Hansen welcomed Google’s response and its commitment to keep investigating, ‘as many other apps are potentially exploitable via the spoofing bug’.
He also warned that removing the malicious apps does not fix the underlying flaw: it is still possible to create fake overlay screens on Android 10 and on earlier versions of the operating system.