Android Fake ID flaw increases BYOD risks

Tools

The Android Fake ID flaw could open up enterprises that allow BYOD to malware that impersonates trusted apps, steals confidential information and fools mobile device management software.

The flaw, discovered by security firm Bluebox, enables malware to copy an Android app's unique identity and use that ID to impersonate the legitimate app without user notification, explains Jeff Forristal, chief technology officer with Bluebox, in a blog.

"This can result in a wide spectrum of consequences. For example, the vulnerability can be used by malware to escape the normal application sandbox and take one or more malicious actions: insert a Trojan horse into an application by impersonating Adobe Systems; gain access to NFC [near field communications] financial and payment data by impersonating Google Wallet; or take full management control of the entire device by impersonating 3LM," writes Forristal.

The flaw affects all Android devices prior to Android 4.4 (KitKat), or more than 82 percent of the Android devices currently in use, according to Google's stats. Google did issue a patch for the vulnerability in April to the phone manufacturers in response to Bluebox's research. However, not all of the vendors have released the patch to their ecosystems.

The flaw could lead to a BYOD device being compromised through the download of malware impersonating a legitimate app. This could in turn fool device management software and infect the corporate network, explains TechTarget in an article.

TechTarget recommends that IT security teams use app whitelisting to approve trusted apps, train employees about how to avoid downloading suspicious apps and phishing scams, use software enabled with app analysis and use an enterprise app store. This will reduce the risks from the Fake ID flaw, as well as other malware that could infect BYOD devices and the network.

For more:
- check out the Bluebox blog
- read the TechTarget article [reg. req.]
- see the Google Android use stats

Related Articles:
Malware attacks on Android devices see 600% increase, says Sophos
Android security hole could enable attackers to bypass VPN
Flood of BYOD devices challenges IT security pros