The official applications for the 2020 elections of President Trump and Joe Biden present significant security concerns, the researchers said. With the US presidential election just days away, questions about the security of the official apps used by the two candidates have been raised by researchers from security firm Promon. The company discovered that the Trump and Biden apps are vulnerable to StrandHogg, a known and critical Android vulnerability that allows hackers to easily hijack apps and overlay fake screens that can depict anything the attacker wants, including screens asking the delivery user. about confidential information, such as usernames and passwords.
Hacked election apps
The news comes as President Trump recently told a campaign rally that "no one gets hacked. To get hacked you need someone with 197 IQs and their password." Promon was able to use StrandHogg to overlay fake screens, one on the Trump app, asking users to donate to the Biden campaign, and another on the official Biden app, showing the Democratic candidate wearing a MAGA hat, urging users to vote for Trump. "The president's statement unfortunately reflects a widespread sentiment that strong passwords will protect you from hackers and that hacking, in general, doesn't affect the average citizen," said Tom Lysemose Hansen, Promon's chief technology officer. "Unfortunately, this is not the case. Absolutely nothing is 'impregnable' and even the most secure and prestigious accounts are vulnerable if the user falls victim to a phishing attack looking for company names. username and passwords.” The report comes shortly after Trump's official Wisconsin re-election campaign said he lost $2,3 million to hackers who carried out a phishing attack.