Skip to main content
  1. Home
  2. Mobile
  3. News

Malicious hackers could exploit flaws in Android for Work to nab sensitive data

By

android 23 gingerbread deprecated for work
wutlufaipy/123RF
One of the pillars of Google’s enterprise-focused “work features in Android platform,” previously called Android for Work, is security. But a newly discovered exploit demonstrated at the RSA conference in San Francisco on February 16 showed how an attacker could view, steal, and even manipulate content on a corporate Android smartphone without tipping off IT administrators.

The flaw, discovered by Yair Amit, chief technology officer of cybersecurity firm Skycure, has to do with the way Android for Work handles “sandboxes,” or protects user profiles. The service operates on the idea of a “work” profile with business-level controls, enterprise applications, corporate email, and secure documents on a smartphone or tablet. This secure profile effectively acts as a separate user, though it shares icon badges and notifications with the personal profile.

Recommended Videos

This concept of sandboxing — creating a secure container where apps outside the work profile can’t access data inside it — is key to Android for Work’s conceit. But it isn’t bulletproof.

Related

One potential line of attack involves Android’s notifications framework. Incoming Android for Work messages are designated with a red briefcase icon in Android’s notifications window, giving the impression that they remain segregated from those in the personal profile.

But notifications on Android are a device-level permission, meaning apps in the personal profile can potentially manipulate the content of notifications from the work profile. Malicious software could view sensitive incoming work emails, calendar appointments, file attachments, and other messages, for example, and could transmit that information to a remote server.

The second line of attack exploits a flaw in Android’s Accessibility Service, the Android component that provides usability enhancements for impaired users. It necessarily has access to virtually all of Android’s content and controls, making apps that acquire permission to use it particularly dangerous — and difficult to detect. For instance, an app could use Android’s Draw Over Apps feature, which allows apps to lay text and graphics on top of other apps, to trick a user into activity Accessibility Service or Notifications without their knowledge.

That’s not to suggest the attacks can’t be mitigated. Android 6.0 Marshmallow requires users to manually allow apps to create system overlays by changing permissions in the settings menu. And the Notifications attack requires a user to grant extraordinary permissions to an installed app. Still, Amit notes the relative ease of circumventing Android for Work’s sandboxing method by exploiting the “illusion” of security.

“The interesting thing about both of these […] methods of defeating the Android for Work profile separation is that the device and the Android operating system remain operating exactly as designed and intended,” Amit said.

“It is the user who must be tricked into placing the software on the device and activating the appropriate services that allow the malware access to sensitive information. [The] illusion of a secure container […] tends to allow people to let their guard down in the belief that the environment itself is a sufficient security mechanism to protect data.”

Editors' Recommendations

Topics
Kyle Wiggers
Kyle Wiggers
Former Digital Trends Contributor
Kyle Wiggers is a writer, Web designer, and podcaster with an acute interest in all things tech. When not reviewing gadgets…
How to turn off call forwarding on iPhone and Android
A person holding the Apple iPhone 15 Plus, showing the camera.

If you’re mysteriously missing calls on your iPhone or Android smartphone, it may be because call forwarding is activated on your line. In that case, all your incoming calls could be going somewhere else.

Call forwarding shouldn’t typically be active unless you’ve specifically turned it on, but another person or app may have done so without your knowledge. And since call forwarding is a carrier feature, it could still be enabled on a line you inherited from someone else, even if you’ve swapped their SIM card into your phone or transferred it to a new account.

Read more
Best iPhone 14 deals: Unlocked and refurbished
The Apple iPhone 14 Pro's camera module

While the iPhone 15 may be Apple’s most recent iPhone release, that only makes the iPhone 14 a better way to save. The iPhone 14 isn’t far removed from being among the best phones on the market, and it’s still a powerhouse option for most smartphone users. There are a lot of ways to save on an iPhone 14, with shopping refurbished models being one of the best. You'll get a good warranty and a large return window shopping refurbished with most major retailers, which makes them some of the best iPhone 14 deals you'll find. With so many to take advantage of right now, we thought we’d do the heavy lifting and put all of the best iPhone 14 deals together in one place. Reading onward you’ll find some impressive savings on all models of the Apple iPhone 14.
Apple iPhone 14 -- from $479, was $699

With the Apple iPhone 14 you’re getting what is still one of the most popular smartphones on the market. This is the iPhone 14 model that’s meant for everyone. It holds back a few features you can only get on the Pro model, but it still has an impressive 6.1-inch display, an impressive camera, and dozens of ways to personalize your iOS experience with widgets and fonts. The phone can reach up to 26 hours of battery life on a single charge, and it’s powered by Apple’s A15 Bionic chip. Face ID, emergency SOS via satellite, and super fast 5G cellular connectivity round out the top features of the Apple iPhone 14.
Buy Refurbished at Amazon — from $479

Read more
How to reset Apple AirPods and AirPods Pro
Apple AirPods 3.

There's plenty to love about Apple's AirPods. The glossy white ear speakers are among some of the best Wireless earbuds money can buy, which is why so many people have them. But like all consumer tech items, you may run into a few bugs or glitches with your AirPods from time to time, or perhaps you're selling off your original AirPods Pro to buy the latest model, the AirPods Pro 2 with USB-C.

Read more