A new StrandHogg 2.0 dubbed Android bug affects all devices running Android 9.0 and older. The bug allows malicious apps pose a legitimate application and steal information from victims. Android users need to update their devices with the latest android version as quickly as possible to guard against the attack.
The attack enables attackers to gain access private SMS and images, steal the login details of victims, monitor GPS activities, allow and/or record phone calls, and gather intelligence via the microphone and camera of a smartphone.
Due to their code-based execution, it is hard to detect. It doesn't require root access to exploit this security vulnerabilities, it allows advanced threats even on unrooted phones, says researchers at Promon.