{"vulnerability": "CVE-2020-0096", "sightings": [{"uuid": "c5151be4-f236-4f1b-b33e-b7232a59d332", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2020-0096", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/strandhogg-20-haavoittuvuus", "content": "", "creation_timestamp": "2020-05-27T08:44:21.000000Z"}, {"uuid": "6ef8de38-2983-4d0b-beaa-01eefc05075f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0096", "type": "seen", "source": "https://t.me/information_security_channel/38094", "content": "A new Android bug dubbed StrandHogg 2.0 affects all devices running Android 9.0 and earlier. The bug lets malicious apps pose a legitimate app and steal victim data. The bug was found by the Promon researchers tracked as (CVE-2020-0096) and it is similar to the original StrandHogg bug that was discovered as last year. StrandHogg [\u2026]\nThe post New Android Bug Strandhogg 2.0 Affects all Devices Running Android 9.0 and Earlier (https://gbhackers.com/strandhogg-2-0/) appeared first on GBHackers On Security (https://gbhackers.com/).", "creation_timestamp": "2020-05-27T08:07:45.000000Z"}, {"uuid": "2b2439b6-041d-4358-b028-8a43d71b7933", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0096", "type": "seen", "source": "https://t.me/Yemen_Shield/37", "content": "Strandhogg 2.0 !!!\n\nA new critical vulnerability (CVE-2020-0096) affects over BILLION ANDROID devices that could let attackers hijack apps installed on targeted devices and steal users' BANKING and other log-in credentials.\n\nRead to learn more:\nhttps://thehackernews.com/2020/05/stranhogg-android-vulnerability.html", "creation_timestamp": "2020-07-06T18:01:39.000000Z"}, {"uuid": "da5f1181-4508-45bd-b4e9-4cedf14bbd92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0096", "type": "seen", "source": "https://t.me/true_secator/607", "content": "\u0421\u0435\u0433\u043e\u0434\u043d\u044f \u043d\u043e\u0440\u0432\u0435\u0436\u0441\u043a\u0438\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Promon \u043e\u0431\u043d\u0430\u0440\u043e\u0434\u043e\u0432\u0430\u043b\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2020-0096 \u0432 Android, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u0443 \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u0442\u044c \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 \u0430\u0442\u0430\u043a\u0443\u0435\u043c\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435, \u0438 \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043e\u043d\u0438 \u043d\u0430\u0437\u0432\u0430\u043b\u0438 StrandHogg 2.0.\n\nStrandHogg - \u044d\u0442\u043e \u0441\u0442\u0430\u0440\u043e\u0435 \u043d\u043e\u0440\u0432\u0435\u0436\u0441\u043a\u043e\u0435 \u043f\u043e\u043d\u044f\u0442\u0438\u0435, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0431\u0443\u043a\u0432\u0430\u043b\u044c\u043d\u043e \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0430\u0435\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441, \u043a\u043e\u0433\u0434\u0430 \u0432\u0438\u043a\u0438\u043d\u0433\u0438 \u0433\u0440\u0430\u0431\u044f\u0442 \u043a\u043e\u0440\u043e\u0432\u0430\u043d\u044b. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2019 \u0433\u043e\u0434\u0430 \u0438 \u0442\u043e\u0433\u0434\u0430 \u0436\u0435 Google \u0431\u044b\u043b\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0441\u0442\u044c. \u041e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u0437\u0430\u043a\u0440\u044b\u0442\u0430 \u0432 \u0447\u0438\u0441\u043b\u0435 \u0434\u0440\u0443\u0433\u0438\u0445 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u043c\u0430\u044f.\n\n\u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 malware \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u043f\u043e\u0434 \u043b\u0435\u0433\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u043f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a\u043e \u0432\u0441\u0435\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u043c \u0434\u0430\u043d\u043d\u044b\u043c. \u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0434\u0435\u0442\u0430\u043b\u0438 \u043f\u043e\u043a\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b.\n\n\u0425\u043e\u0442\u044f \u043d\u043e\u0440\u0432\u0435\u0436\u0446\u044b \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f StrandHogg 2.0 \u043d\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0438, \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043d\u0435\u0442\u043e\u0440\u043e\u043f\u043b\u0438\u0432\u043e\u0441\u0442\u044c \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432\u0435\u043d\u0434\u043e\u0440\u043e\u0432 \u0432 \u0432\u043e\u043f\u0440\u043e\u0441\u0430\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0432\u043e\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u043f\u043e\u0441\u043b\u0435 \u043e\u0431\u043d\u0430\u0440\u043e\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 CVE-2020-0096 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u0442\u044c.", "creation_timestamp": "2020-05-26T20:06:54.000000Z"}, {"uuid": "08f26aa1-7052-4965-ae97-519451f27b27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0096", "type": "seen", "source": "https://t.me/androidMalware/836", "content": "StrandHogg 2.0 - The 'evil twin' vulnerability (CVE-2020-0096)\n\nVulnerability allows malware app to pose as legitimate apps \nhttps://promon.co/strandhogg-2-0/", "creation_timestamp": "2020-05-27T12:30:15.000000Z"}, {"uuid": "90b3f705-d4f3-4e5b-8b89-25067b67ec26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0096", "type": "seen", "source": "https://t.me/cibsecurity/12088", "content": "ATENTION\u203c New - CVE-2020-0096\n\nIn startActivities of ActivityStartController.java, there is a possible escalation of privilege due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9Android ID: A-145669109\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-05-15T00:34:10.000000Z"}, {"uuid": "d6e63d67-f923-418c-9185-81440dbb0da8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0096", "type": "exploited", "source": "https://t.me/thehackernews/709", "content": "Strandhogg 2.0 !!!\n\nA new critical vulnerability (CVE-2020-0096) affects over BILLION ANDROID devices that could let attackers hijack apps installed on targeted devices and steal users' BANKING and other log-in credentials.\n\nRead to learn more:\nhttps://thehackernews.com/2020/05/stranhogg-android-vulnerability.html", "creation_timestamp": "2020-05-26T16:47:59.000000Z"}, {"uuid": "0340d200-26d5-4949-a098-9e00876dc549", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0096", "type": "seen", "source": "https://t.me/arvin_club/2252", "content": "Strandhogg 2.0 !\n\n \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u0647\u0645 \u062c\u062f\u06cc\u062f \u0627\u0646\u062f\u0631\u0648\u06cc\u062f (CVE-2020-0096) \u0628\u06cc\u0634 \u0627\u0632 \u06cc\u06a9 \u0645\u06cc\u0644\u06cc\u0627\u0631\u062f \u062f\u0633\u062a\u06af\u0627\u0647 \u0647\u0627\u06cc \u0627\u0646\u062f\u0631\u0648\u06cc\u062f\u06cc \u0631\u0627 \u062f\u0631 \u0645\u0639\u0631\u0636 \u0642\u0631\u0627\u0631 \u0645\u06cc\u062f\u0647\u062f \u06a9\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u0628\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u0646\u0635\u0628 \u0634\u062f\u0647 \u0631\u0648\u06cc \u062f\u0633\u062a\u06af\u0627\u0647 \u0647\u0627\u06cc \u0647\u062f\u0641 \u0631\u0627 \u0631\u0628\u0648\u062f\u0647 \u0648 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u0627\u0646\u06a9\u06cc \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0648 \u0633\u0627\u06cc\u0631 \u0627\u0639\u062a\u0628\u0627\u0631\u0646\u0627\u0645\u0647 \u0648\u0631\u0648\u062f \u0631\u0627 \u0628\u0647 \u0633\u0631\u0642\u062a \u0628\u0631\u0633\u0627\u0646\u0646\u062f.\n https://thehackernews.com/2020/05/stranhogg-android-vulnerability.html\n\n\ud83d\udc49@arvin_club\ud83d\ude80", "creation_timestamp": "2020-05-26T17:03:25.000000Z"}, {"uuid": "e41f4071-d90e-433d-bead-36c491c80b7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0096", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1187", "content": "#exploit\nCVE-2020-0096:\nAndroid StrandHogg 2.0 - The \"evil twin\"\nhttps://promon.co/strandhogg-2-0", "creation_timestamp": "2022-07-08T14:54:02.000000Z"}]}