One of the most privacy-sensitive uses of Android smartphones today is accessing our online accounts through banking apps. Back in January, the security firm Securify B.V. discovered a malware they named BankBot, embedded in an app called “Funny Videos 2017”.
“Funny Videos” was actually useful for what its name suggested: it contained a set of viral videos that users could watch on their Android smartphone and have a laugh at. In the background, it had a less funny purpose: stealing users’ banking credentials.
Technically, BankBot checked the apps installed on the phone against a list of 425 banking apps. When one of those apps was launched, BankBot drew an overlay screen that looked exactly like the one the real app was showing, so that the user typed his or her credentials into BankBot instead of the real banking app.
This could happen mainly because the “Funny Videos” app persistently requested administrative rights. If granted, those rights allow the application to do things such as check which apps are installed on the device, see when they are launched, display overlay screens, and so on.
One could argue that granting administrative rights to a “Funny Videos” app is somewhat strange, but we should not expect people to understand which permissions an app needs or does not need. Additionally, in the future malicious apps may find vulnerabilities that allow these kinds of tricks without administrative rights.
To avoid this altogether, it is always recommended to isolate critical apps on your Android phone. By isolation, we mean putting them in a separate “virtual” space so that other apps, even with administrative rights, find it more difficult to interact with them.
How can you isolate apps in an Android smartphone?
- Option 1 (for consumers): use Android multi-user accounts. Create a separate account and run your privacy-critical apps there. While this is not perfect, it at least provides a first barrier of isolation.
- Option 2 (for IT managers, work phones, and prosumers): find a solution embedded in an Android ROM that has a space-separation feature. While this is more complex from a technical standpoint, it provides a higher degree of isolation between apps. Examples of such solutions are Samsung Knox and Secure Spaces by Graphite Software.
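Option 1 can be scripted over adb so that the banking account is created once and then checked for stray third-party apps. This is an added example, not code from the original article: it assumes a device with USB debugging enabled and `adb` on PATH, uses the real `pm create-user`, `pm list users` and `pm list packages -3 --user <id>` commands, and the package names `com.example.bank` and `com.example.funnyvideos` are constructed placeholders.

```python
"""Create an isolated Android user for banking apps and check that no other
third-party app lives there (Option 1). Requires a device with USB debugging
enabled and adb on PATH; the parsing helpers run offline on the sample below."""
import re
import subprocess

# `pm list users` prints one line per user: UserInfo{<id>:<name>:<flags-hex>}
USER_RE = re.compile(r"UserInfo\{(\d+):([^:}]*):[0-9a-fA-F]+\}")

# Constructed sample output in the format adb prints (package names are placeholders).
SAMPLE_USERS = "Users:\n\tUserInfo{0:Owner:13} running\n\tUserInfo{10:Banking:10}\n"
SAMPLE_PACKAGES = "package:com.example.bank\npackage:com.example.funnyvideos\n"

def parse_users(pm_output: str) -> dict:
    """Map user name -> numeric user id from `pm list users` output."""
    return {m.group(2): int(m.group(1)) for m in USER_RE.finditer(pm_output)}

def parse_packages(pm_output: str) -> set:
    """Set of package names from `pm list packages ...` output ('package:<name>' lines)."""
    return {ln[len("package:"):].strip() for ln in pm_output.splitlines() if ln.startswith("package:")}

def isolation_gaps(third_party_in_user: set, allowed: set) -> set:
    """Third-party packages in the banking user that are not on the allow-list.
    A non-empty result means an untrusted app shares the space with the bank app."""
    return third_party_in_user - allowed

def adb(*args: str) -> str:
    """Run an `adb shell` command and return its stdout."""
    return subprocess.run(["adb", "shell", *args], check=True, capture_output=True, text=True).stdout

def ensure_user(name: str) -> int:
    """Return the id of the named user, creating it with `pm create-user` if absent."""
    users = parse_users(adb("pm", "list", "users"))
    if name in users:
        return users[name]
    out = adb("pm", "create-user", name)  # prints "Success: created user id <n>"
    m = re.search(r"created user id (\d+)", out)
    if not m:
        raise RuntimeError(out.strip())
    return int(m.group(1))

if __name__ == "__main__":
    uid = ensure_user("Banking")
    # -3 lists only third-party packages, so system apps shared by every user are ignored
    third_party = parse_packages(adb("pm", "list", "packages", "-3", "--user", str(uid)))
    extra = isolation_gaps(third_party, {"com.example.bank"})  # allow-list: your real bank's package
    print("Banking user id:", uid, "| untrusted apps in it:", sorted(extra) or "none")
```

Switch to the new user with `adb shell am switch-user <id>` (or from the Settings user menu) and install only the banking app there; anything the check reports should be uninstalled from that user.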
In summary: be careful with the apps you run on your smartphone, especially if you are running critical apps such as your work email or banking apps on it.
Article written by David Purón, Founder and Chief Executive Officer at Barbara IoT.