The official 2020 election apps of both President Trump and Joe Biden feature significant security issues, researchers have claimed.
With the US Presidential election now just a few days away, doubts have been raised over the security of the official apps used by both candidates by researchers at security firm Promon.
The company found that both the Trump and Biden apps are vulnerable to StrandHogg, a well-known and critical Android vulnerability that allows hackers to easily hijack apps and overlay fake screens which can depict anything the attacker wants, including screens that ask the user to hand over sensitive information, such as usernames and passwords.
- These are the best Android antivirus apps
- We've put together a list of the best VPN services around
- Also check out our roundup of the best malware removal software
Election apps hacked
The news comes despite President Trump recently declaring at a campaign rally that, "Nobody gets hacked. To get hacked you need somebody with 197 IQ and he needs about 15% of your password”.
Promon was able to use StrandHogg to overlay fake screens - one on Trump’s app, calling on users to donate to the Biden campaign, and another on official the Biden app, showing the Democratic candidate in a MAGA hat, urging users to vote for Trump.
“The President’s statement sadly reflects a widely believed sentiment that secure passwords will protect you from hackers and that hacking, in general, doesn’t affect the average citizen," noted Tom Lysemose Hansen, CTO at Promon.
"Sadly, this isn’t the case. Absolutely nothing is “unhackable” and even the most secure, high profile accounts are vulnerable should the user fall victim to a phishing attack which seeks usernames and passwords."
The report comes shortly after the official Trump re-election campaign in the state of Wisconsin said it had lost $2.3 million to hackers who carried out a phishing attack.
- We've also highlighted the best endpoint protection software