Android security advice: isolate your banking apps and sensitive data

David Puron · Published in Barbara updates · 3 min read · Apr 18, 2017

One of the most privacy-sensitive uses of an Android smartphone today is accessing our online accounts through banking apps. Back in January, the security firm Securify B.V. discovered a piece of malware they named BankBot, embedded in an app called “Funny Videos 2017”.

“Funny Videos” actually did what its name suggested: it contained a set of viral videos that users could watch on their Android smartphone and have a laugh at. In the background it had a less funny purpose: stealing the user's banking credentials.

Technically, what BankBot did was compare the apps installed on the phone against a list of 425 banking apps. When one of those apps was launched, BankBot drew an overlay screen mimicking the login screen the real app was showing, so that the user typed their credentials into BankBot's fake form instead of the genuine banking app. This is the classic Android overlay attack: the real app keeps running underneath, the user simply never sees it.

This worked mainly because “Funny Videos” persistently nagged the user to grant it device administrator rights, on top of the other permissions it asked for. Strictly speaking, device administrator status is what makes a malicious app hard to uninstall; drawing a screen on top of another app needs the separate “draw over other apps” permission, and the app also has to find out which app is in the foreground (something Android has progressively restricted). Taken together, those grants let the app enumerate installed apps, notice when one of them is launched, put its own screen on top of it, and resist removal.

One could argue that granting administrator rights to a “Funny Videos” app is somewhat odd, but we should not expect users to know which permissions an app does or does not need. And in the future, malicious apps may well find vulnerabilities that let them pull off this kind of trick without administrative rights at all.

To guard against this, it is always recommended to isolate critical apps on your Android phone. By isolation we mean placing them in a separate “virtual” space, so that other apps, even ones with administrative rights, have a much harder time interacting with them.

How can you isolate apps on an Android smartphone?

  • Option 1 (for consumers): use Android multi-user accounts. Create a separate user account and run your privacy-critical apps there. This is not perfect, but it puts a first barrier of isolation in place: each Android user has its own set of installed apps and its own app data, so an app installed only in the banking user is neither listed nor running in your everyday one.
  • Option 2 (for IT managers, work phones and prosumers): use a solution built into an Android ROM that offers space separation. This is more complex technically, but it provides a higher degree of isolation between apps. Examples of such solutions are Samsung Knox and Secure Spaces by Graphite Software.
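The steps of Option 1 can be scripted over adb. The following is an added example, not code from the original post or from Barbara: it creates a second Android user, pushes and installs the banking APK for that user only, checks that the package is not visible from the primary user (id 0), and switches to the new user. The APK path, the package name and the user name “Banking” are placeholders; it assumes adb is on your PATH, USB debugging is enabled, and the device allows `pm create-user` from the adb shell (run `pm get-max-users` first; many phones cap or disable additional users).

```shell
#!/bin/sh
# Added example (not from the original post): isolate a banking app in its own
# Android user via adb. Assumptions: adb is on PATH, USB debugging is enabled,
# and the device allows `pm create-user` from the adb shell.
# The APK path, package name and user name below are placeholders.

ADB="${ADB:-adb}"   # override to point at a specific adb binary

# Extract the numeric id from "Success: created user id 10"; prints nothing otherwise.
parse_user_id() {
    printf '%s\n' "$1" | sed -n 's/^Success: created user id \([0-9][0-9]*\).*/\1/p'
}

# Create a new Android user and print its id. $1 = display name shown in Settings.
create_space() {
    out=$("$ADB" shell pm create-user "$1") || return 1
    space_id=$(parse_user_id "$out")
    if [ -z "$space_id" ]; then
        echo "create-user failed: $out" >&2
        return 1
    fi
    echo "$space_id"
}

# Push an APK to the device and install it for one user only.
# `pm install --user` keeps it out of the primary user. $1 = user id, $2 = APK path.
install_into_space() {
    remote="/data/local/tmp/$(basename "$2")"
    "$ADB" push "$2" "$remote" >/dev/null || return 1
    "$ADB" shell pm install --user "$1" "$remote"
}

# Exit 0 if package $2 is installed for user $1, 1 otherwise.
# `pm list packages --user N` prints one "package:<name>" line per installed app.
package_visible_to_user() {
    "$ADB" shell pm list packages --user "$1" | grep -qx "package:$2"
}

# Full procedure. Usage: sh isolate.sh /path/to/bank.apk com.example.bank
main() {
    apk="$1"; pkg="$2"
    "$ADB" shell pm get-max-users        # "Maximum supported users: N"; 1 means no multi-user
    space_id=$(create_space Banking) || exit 1
    install_into_space "$space_id" "$apk" || exit 1
    if package_visible_to_user 0 "$pkg"; then
        echo "warning: $pkg is also installed for the primary user; uninstall it there" >&2
    fi
    package_visible_to_user "$space_id" "$pkg" && echo "$pkg is installed only for user $space_id"
    "$ADB" shell am switch-user "$space_id"   # the new user gets its own launcher and lock screen
}

if [ "$#" -eq 2 ]; then
    main "$@"
fi
```

The check against user 0 matters: if the banking app is already installed in your everyday user, isolating a second copy gains nothing, so remove it there first (`pm uninstall --user 0 <package>`). The banking app in the new user also needs its own login and any device-binding step the bank requires, since app data is per user.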

In summary: be careful with the apps you run on your smartphone, especially if you also run critical apps on it, such as your work email or banking apps.

This post was originally published at barbaraiot.com on April 18, 2017. If you like it and want to receive similar content, subscribe to our Newsletter.
