Asian Spectator

Asian Technology

Serious Android Flaw Identified, i-Sprint found that most of the popular apps in APAC are vulnerable

  • Written by i-Sprint Innovations

YESsafe AppProtect+ protects Android Apps against StrandHogg and other attacks

SINGAPORE - Media OutReach[1] - 3 December 2019 -StrandHogg, a serious Android flaw, has been reported by BBC News and i-Sprint has found that most of the popular Android Apps in APAC are also vulnerable. StrandHogg can be very damaging and costly to Android users.

Serious Android Flaw Identified, i-Sprint found that most of the popular apps in APAC are vulnerable

In recent news reported by BBC News[2], a Norwegian app security company, Promon, has identified a serious Android following an attack on several customer bank accounts and detected a vulnerability in the Android system.  Promon named it as StrandHogg that allows real-life malware to pose as legitimate apps, with users unaware they are being targeted.  Promon scanned top 500 popular mobile apps in the world, and they are vulnerable to StrandHogg. 

StrandHogg is unique because it can be exploited with or without root access to any Android devices, and it affects all versions of Android, including Android 10.  By taking advantage of a weakness in the multitasking system of Android to enact powerful attacks, this allows malicious apps to masquerade as any other app on the device. This exploit is based on an Android control setting called 'taskAffinity' which allows any app - including malicious ones - to assume any identity in the multitasking system they desire freely. 

 

i-Sprint[3] has also done our own investigation by sampling 100 popular Android Apps across APAC and we found that all of them are susceptible to this vulnerability.  The consequences of exploiting this vulnerability by a malware include steal of usernames and passwords, drain bank accounts, track victim's movements and location, steal private SMS messages and photos, access victim's contact list and phone logs, spy through a phone's camera and microphone.

 

i-Sprint product, YESsafe AppProtect+[4], is a Runtime Application Self-Protection (RASP) solution that helps companies to protect their iOS and Android apps by blocking attacks in real-time.  AppProtect+ proactively protects mobile apps against various risks and attacks.  AppProtect+ can prevent passive attacks (like reverse engineering, repackaging and source code modification), and respond by taking necessary measures if real-time attacks are detected during app running. Mobile apps protected by the solution can also run securely even on a highly infected mobile device

 

Albert Ching, CTO of i-Sprint, said "Our latest version has introduced a new feature for the protection of task hijacking as reported in StrandHogg.  Therefore, our existing customers are equipped with the necessary protection tool even before the announcement of the StrandHogg vulnerability.  We will continue to deliver new security features to help our customers to secure and protect their mobile apps against various attacks."

 

Dutch Ng, CEO of i-Sprint said, "As people are spending more time using their mobile devices to browse content, online shopping, transaction, etc., cyberattack cases targeting on smartphone devices are also increasing. Companies need to be more alert and diligent in ensuring their apps will not be the next victim of such vulnerability."

 

i-Sprint is currently providing a free assessment to organizations who want to find out whether their app is susceptible to StrandHogg vulnerability. For interested companies, please visit www.i-sprint.com/solutions/strandhogg[5] to participate in the free assessment.

Be proactive, be safe, secure your company app with YESsafe AppProtect+.

For enquiry, please email i-Sprint at enquiry@i-sprint.com[6].

References

  1. ^ Media OutReach (www.media-outreach.com)
  2. ^ BBC News (www.bbc.com)
  3. ^ i-Sprint (www.i-sprint.com)
  4. ^ YESsafe AppProtect+ (www.i-sprint.com)
  5. ^ www.i-sprint.com/solutions/strandhogg (www.i-sprint.com)
  6. ^ enquiry@i-sprint.com (www.media-outreach.com)

Authors: i-Sprint Innovations

Read more http://www.media-outreach.com/release.php/View/22889#Contact

La Casa del Habano Celebrates Its 30th Anniversary

HAVANA, Feb. 27, 2020 /PRNewswire-AsiaNet/ -- - La Casa del Habano, the Habanos, S.A. international network of franchised specialist stores present in more than 60 countries, celebrates its ...

ACY Securities announces partnership with Football star Tim Ca...

SYDNEY, Feb. 26, 2020 /PRNewswire-Asianet/ -- Australia's soccer legend and former English Premier League star, Tim Cahill today announced his partnership with ACY Securities, a leading ASIC...

Global Digital Specialist Microland Creates European Headquart...

BIRMINGHAM, England, Feb. 26, 2020 /PRNewswire-AsiaNet/ -- Microland, India's leading digital IT transformation company, today inaugurated its state-of-the-art Digital Hub in Birmingham, UK ...

Ridgewood Infrastructure Hits Hard Cap on its Inaugural Fund

NEW YORK, Feb. 27, 2020 /PRNewswire-AsiaNet/ -- Ridgewood Infrastructure, LLC today announced the final close of Ridgewood Water & Strategic Infrastructure Fund, LP (the "Fund") at its h...

Tableau 2020.1 Delivers Community-Driven Features, Including D...

SEATTLE, Feb. 25, 2020 /PRNewswire-AsiaNet/ -- - New capabilities make data more engaging than everTableau Software, the leading analytics platform, today released new capabilities to help p...

Easyfairs Northeral Acquires Hotel Restaurant Event

BRUSSELS, Feb. 26, 2020 /PRNewswire-AsiaNet / -- Further expansion in Algeria as tourism sector booms Easyfairs Northeral, the North African branch of Easyfairs, has announced the acquisitio...

PLMP Fintech's Venture Capital entity secures Fund Management ...

PHNOM PENH, Cambodia, Feb. 26, 2020 /PRNewswire-AsiaNet/ -- The local investment arm of Singaporean blockchain firm PLMP Fintech, PLMP Venture Capital, has been awarded today an Asset and Fu...

Fibocom Launches UNISOC 8910DM Powered LTE Cat.1 Module at Embedded World 2020

Nuremberg, Germany, Feb 26, 2020 - (ACN Newswire) - Fibocom (300638, SZSE), a leading provider of cellular embedded wireless module solutions for the Internet of Things (IoT), is set to unv...

Embarking on a New Journey, the Construction of the Venues for...

CHENGDU, China, Feb. 26, 2020 /Xinhua-AsiaNet/-- The 31st Summer World University Games Chengdu 2021 is the first world-level multi-sport event to be held in Chengdu, as well as in the whole...

CPA Australia Welcomes Hong Kong Budget 2020-21

HONG KONG, CHINA - Media OutReach - 26 February 2020 - CPA Australia, one of the world's largest professional accounting bodies, has given its backing to HKSAR Government Financi...

Globe completes first successful technical 5G video call with ...

MANILA, Philippines, Feb. 26, 2020 /PRNewswire-AsiaNet/ -- The world's most sought after Internet technology is finally in the Philippines as Globe successfully completed the first-ever 5G v...

More Capable, Compact and Faster, ZTE Unveils 5G RAN Product P...

SHENZHEN, China, Feb. 26, 2020 /PRNewswire-AsiaNet/ -- ZTE Corporation (0763.HK/000063.SZ), a leading solution provider of telecommunications, enterprise and mobile internet-based consumer t...

SoftIron Co-Founder, Mark Chen, Returns to Lead Company's Secu...

LONDON, Feb. 26, 2020 /PRNewswire-AsiaNet/ -- SoftIron Ltd., the leader in purpose-built and performance-optimized data center appliances, announces the appointment of Mark Chen to the role ...

Volvo Launches Four New Trucks by Stacking Them On Top of Each...

GOTHENBURG, Sweden, Feb. 26, 2020 /PRNewswire-AsiaNet/ -- Volvo Trucks' latest launch film has reached new heights. To demonstrate the power and strength of its four new vehicles, Volvo buil...

Hong Kong Trade Development Council welcomes new Budget

HONG KONG, Feb 26, 2020 - (ACN Newswire) - Chairman of the Hong Kong Trade Development Council (HKTDC) Dr Peter Lam welcomes the new 2020-21 Budget, including the additional HK$150 million ...

Heineken(R) Unveils New "When You Drive, Never Drink" Campaign...

AMSTERDAM, February 26, 2020 /PRNewswire-AsiaNet/ -- Heineken(R) has launched a new When You Drive, Never Drink responsible consumption campaign featuring father and son duo, and former Form...

DHL Express is a Top Employer in Asia Pacific for sixth consecutive year

World leader in express logistics is certified in 63 countries worldwide -- more countries than any other companyDHL Express has received 53 different awards for its workplace culture in ...

East Japan Railway Co. to Open JAPAN RAIL CAFE at Tokyo Statio...

TOKYO, Feb. 26, 2020 /Kyodo JBN-AsiaNet/-- East Japan Railway Co. (JR East) will open "JAPAN RAIL CAFE" at Tokyo Station on March 5, 2020, as a site where visitors from overseas can interact...

All Set for Love Cooking Live!

MELBOURNE, Australia, Feb. 26, 2020 /PRNewswire-AsiaNet/ -- Home cooks, mark your calendars! This one's for you. Love Cooking Live is back and better than ever! Organised by the wonderful te...