Feb 24, 2020

Android Cracks and App Hacks – What Is StrandHogg?

StrandHogg is a critical vulnerability within the Android mobile operating system allowing bad actors to obtain login credentials and gain control of security-sensitive apps. The exploit was originally discovered in 2015 but recently renamed “StrandHogg” — old Norse for a Viking tactic of plundering coastal settlements and ransoming imprisoned natives.

This vulnerability stems from the Android setting taskAffinity. In short, taskAffinity lets apps declare themselves as friends (Affinity), which allows the Android ‘BACK’ button to work in a seamless, user-friendly way. However, the taskAffinity setting also introduced a vector through which malware writers have developed data theft attacks, using this vulnerability to access any type of shared/available data.

Users can configure their apps to avoid StrandHogg exploitation by denying all forms of interaction with other applications where Affinity doesn’t exist. A setting in the Android manifest will protect users from a deluge of false friends inherited as a result of malware activity. Further protective steps include checks that ensure malware hasn’t changed this setting.
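As an added example (not Arxan's code or tooling), the Python sketch below audits a decoded AndroidManifest.xml and reports the effective taskAffinity of each activity. It assumes the manifest setting referred to above is an empty `android:taskAffinity`, which Android documents as meaning the activity has no affinity for any task; the sample manifest, package name and function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
TASK_AFFINITY = f"{{{ANDROID_NS}}}taskAffinity"
NAME = f"{{{ANDROID_NS}}}name"

# Constructed sample manifest (decoded text form), not taken from any real app.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.bank">
  <application android:label="Bank">
    <activity android:name=".LoginActivity" android:taskAffinity="" />
    <activity android:name=".MainActivity" />
    <activity android:name=".ShareActivity" android:taskAffinity="com.example.shared" />
  </application>
</manifest>
"""

def audit_task_affinity(manifest_xml):
    """Return [(activity, effective_affinity, status)] for every <activity>."""
    root = ET.fromstring(manifest_xml)
    package = root.get("package", "")
    app = root.find("application")
    if app is None:
        return []
    # An <application>-level value is inherited by its activities;
    # when neither level sets it, the affinity defaults to the package name.
    app_affinity = app.get(TASK_AFFINITY, package)
    results = []
    for act in app.iter("activity"):
        affinity = act.get(TASK_AFFINITY, app_affinity)
        if affinity == "":
            status = "no-affinity"       # assumed protective setting
        elif affinity == package:
            status = "default-affinity"  # setting not used, default applies
        else:
            status = "custom-affinity"   # explicitly declared affinity
        results.append((act.get(NAME), affinity, status))
    return results

def activities_with_affinity(manifest_xml):
    """Names of activities that still carry a non-empty task affinity."""
    return [name for name, _, status in audit_task_affinity(manifest_xml)
            if status != "no-affinity"]

if __name__ == "__main__":
    for row in audit_task_affinity(SAMPLE_MANIFEST):
        print(row)
```

Running the same audit against the manifest extracted from a shipped build and comparing it with the source manifest is one way to implement the check that the setting has not been changed.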

Arxan testing found that 80% of apps don’t use the taskAffinity setting, and that only 10% of those apps take the simple step that would block StrandHogg. Vulnerabilities in the Android operating system will continue to be uncovered and rediscovered. Arxan's code protection tools can render such attacks impossible. Arxan's Android app code-level security features protect apps against code-level exploitation, automatically triggering on suspicious activity, and alert on attacks — all in real-time.

Winston Bond

Winston Bond is the EMEA Technical Director at Arxan, with many years' experience working with customers in the security, software and semiconductor industries, across Europe and worldwide.
