March 6, 2017 By Mark Samuels 2 min read

A security flaw and new concerns with malware provide further evidence of the need for Android users to remain diligent to the risks posed by external attackers.

According to Bleeping Computer, two different sets of researchers uncovered potentially dangerous concerns that were connected to applications hosted on the Google Play Store. The first issue related to popular password management tools, while the other focused on infected apps for a range of hobbies, including gardening and knitting.

The security flaw and malware threat highlight how important it is for IT managers to ensure their organization and its Android users follow best practice procedures.

Understanding the Security Flaw

German security professionals TeamSIK uncovered 26 security flaws in nine of the most popular Android password managers on the Google Play Store. Password managers are a convenient way to help users remember and control the many codes and keys that people use every day.

These flaws included using plaintext to store the master password, hardcoding the encryption key in the app’s source code and placing user passwords in the device’s shared clipboard space, making passwords available to other apps.

TeamSIK said that the overall results were extremely worrying and such flaws can abuse the users’ confidence, exposing them to high risks. All reported flaws have now been fixed by the vendors. However, the research acts as a useful reminder that users should not simply assume that their password manager provides a military-grade solution.

Recognizing the Malware Risk

Another team of security researchers found traces of Windows malware in 132 apps hosted on the Google Play Store. Experts from Palo Alto Networks discovered the apps contained an iframe that linked to malicious domains.

The researchers suggested that the most likely cause of the problem was an infection in the app creators’ development platforms. The malware searches for HTML pages and injects malicious content, often without the developers’ awareness.

The infected apps were simplistic in nature, noted Bleeping Computer in another article., and little harm was done due to the limited number of downloads. Palo Alto Networks reported its findings to Google’s security team and all infected apps were removed from the Google Play Store.

Following Best Practice Procedures

The Palo Alto research demonstrated the dangers of simply assuming every app hosted in an official store is safe to download. Mobile malware has become the vehicle of choice for many cybercriminals, and errant individuals will look for any back door that provides access to critical business data.

IT managers must use tried and trusted techniques to lock down corporate access points. However, security flaws in respected password managers will do little to alleviate fears around external threats to Android users.

Organizations should ensure their users follow a range of best practice procedures to keep information safe. Google provides monthly security updates for Android, so IT managers should ensure any updates and patches are made available to users as soon as possible, explained Android Authority.

Other best practice methods include the introduction of two-factor authentication and the ability to wipe devices remotely. Additionally, IT managers should create a strong enterprise security policy that prevents users from downloading apps from untrustworthy sources.

More from

Cloud Threat Landscape Report: AI-generated attacks low for the cloud

2 min read - For the last couple of years, a lot of attention has been placed on the evolutionary state of artificial intelligence (AI) technology and its impact on cybersecurity. In many industries, the risks associated with AI-generated attacks are still present and concerning, especially with the global average of data breach costs increasing by 10% from last year.However, according to the most recent Cloud Threat Landscape Report released by IBM’s X-Force team, the near-term threat of an AI-generated attack targeting cloud computing…

Testing the limits of generative AI: How red teaming exposes vulnerabilities in AI models

4 min read - With generative artificial intelligence (gen AI) on the frontlines of information security, red teams play an essential role in identifying vulnerabilities that others can overlook.With the average cost of a data breach reaching an all-time high of $4.88 million in 2024, businesses need to know exactly where their vulnerabilities lie. Given the remarkable pace at which they’re adopting gen AI, there’s a good chance that some of those vulnerabilities lie in AI models themselves — or the data used to…

FBI, CISA issue warning for cross Apple-Android texting

3 min read - CISA and the FBI recently released a joint statement that the People's Republic of China (PRC) is targeting commercial telecommunications infrastructure as part of a significant cyber espionage campaign. As a result, the agencies released a joint guide, Enhanced Visibility and Hardening Guidance for Communications Infrastructure, with best practices organizations and agencies should adopt to protect against this espionage threat. According to the statement, PRC-affiliated actors compromised networks at multiple telecommunication companies. They stole customer call records data as well…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today