Android Users Must Stay Alert to New Security Flaw

March 6, 2017 @ 10:30 AM
| |
2 min read

A security flaw and new concerns with malware provide further evidence of the need for Android users to remain diligent to the risks posed by external attackers.

According to Bleeping Computer, two different sets of researchers uncovered potentially dangerous concerns that were connected to applications hosted on the Google Play Store. The first issue related to popular password management tools, while the other focused on infected apps for a range of hobbies, including gardening and knitting.

The security flaw and malware threat highlight how important it is for IT managers to ensure their organization and its Android users follow best practice procedures.

Understanding the Security Flaw

German security professionals TeamSIK uncovered 26 security flaws in nine of the most popular Android password managers on the Google Play Store. Password managers are a convenient way to help users remember and control the many codes and keys that people use every day.

These flaws included using plaintext to store the master password, hardcoding the encryption key in the app’s source code and placing user passwords in the device’s shared clipboard space, making passwords available to other apps.

TeamSIK said that the overall results were extremely worrying and such flaws can abuse the users’ confidence, exposing them to high risks. All reported flaws have now been fixed by the vendors. However, the research acts as a useful reminder that users should not simply assume that their password manager provides a military-grade solution.

Recognizing the Malware Risk

Another team of security researchers found traces of Windows malware in 132 apps hosted on the Google Play Store. Experts from Palo Alto Networks discovered the apps contained an iframe that linked to malicious domains.

The researchers suggested that the most likely cause of the problem was an infection in the app creators’ development platforms. The malware searches for HTML pages and injects malicious content, often without the developers’ awareness.

The infected apps were simplistic in nature, noted Bleeping Computer in another article., and little harm was done due to the limited number of downloads. Palo Alto Networks reported its findings to Google’s security team and all infected apps were removed from the Google Play Store.

Following Best Practice Procedures

The Palo Alto research demonstrated the dangers of simply assuming every app hosted in an official store is safe to download. Mobile malware has become the vehicle of choice for many cybercriminals, and errant individuals will look for any back door that provides access to critical business data.

IT managers must use tried and trusted techniques to lock down corporate access points. However, security flaws in respected password managers will do little to alleviate fears around external threats to Android users.

Organizations should ensure their users follow a range of best practice procedures to keep information safe. Google provides monthly security updates for Android, so IT managers should ensure any updates and patches are made available to users as soon as possible, explained Android Authority.

Other best practice methods include the introduction of two-factor authentication and the ability to wipe devices remotely. Additionally, IT managers should create a strong enterprise security policy that prevents users from downloading apps from untrustworthy sources.

Mark Samuels
Tech Journalist

Mark Samuels is an experienced business technology journalist with an outstanding track record in research. He specializes in the role of chief information o...
read more