Latest Android Vulnerability Further Evidence of Crypto Security Challenges
Earlier this month, security firm Promon announced the discovery of a dangerous piece of Android malware that has infected devices across the globe. This malicious piece of software could cause victims to lose personal data, including keys and passwords to crypto wallets. Such security threats are, unfortunately, not new to the crypto space and their numbers appear to be growing as thieves and hackers find ever more sophisticated means to compromise user data. Their existence threatens the fabric of blockchain development, yet it also could play a key role in shaping the path of mass adoption.
The identified malware, known as StrandHogg, works by posing as a legitimate pop-up when a user opens an app. The malicious software asks for permissions, which if the unsuspecting user grants will give it access to a wide array of personal data on the device. StrandHogg can also act as a keylogger, take screenshots, and send text messages, all without the user’s knowledge. This threat affects much more than crypto information, as reports of money stolen from bank accounts are now emerging.
Needless to say, StrandHogg represents a very real challenge for crypto users, as it gives hackers access to wallet and key information. More troubling is the fact that StrandHogg is far from the only software of its type to emerge as of late. Several smartphone apps designed to steal cryptocurrency have been discovered over the past several months, as have malware programs designed to infect personal computers. As blockchain assets become more valuable more are certain to follow.
Whereas there is no question that mass adoption of cryptocurrency is certain to take place, it is equally true that much of the general public will never use personal devices as wallets if even a minuscule chance of theft exists. It is thus quite possible that this scenario opens the door to traditional banks becoming trusted custodians, as they can offer the promise of restitution in such cases. In fact, crypto adoption opens the door to a wide range of ancillary services that could work with users to ensure that funds remain safe. For example, there already exists a burgeoning cryptocurrency insurance industry, which is likely to grow in the coming years.
It is also naive to assume that technology alone can solve this dilemma. Hacking has existed since the earliest days of the digital age, and no smartphone or computer can ever be considered fully immune. Thus, alternate means of protecting crypto assets must be developed that mitigate losses.
Fortunately, there have been no reported incidents of cryptocurrency losses as a result of StrandHogg, but given the decentralized nature of the technology, it is quite possible that thefts are either unknown or misinterpreted. Regardless of how damaging this specific piece of malware ultimately becomes, it reflects the fact that there remains very real challenges in bringing blockchain technology into the mainstream.
Featured Image via Bigstock