This is the era of smartphones. Now we can do almost anything via smartphones. From communication to the intense usage such as file sharing, video streaming, data safety, the internet, video conference, etc. The smartphone makes everything possible. Android smartphones are mostly used devices in the world. The easy function and flexible usability make Android operating system top favorite. But, Android threat is also a big concern nowadays. Cybercriminals are targeting smartphone users around the world, and Android users are the most of those targets. Can you possibly guess why is that so? Because people are not really sure about using their smartphones safely. Are you? Do you know all of the internet security tips? Google’s business app Android for Work is at risk. A newly discovered cyber attack called “App-in-the-middle” is threatening the following business app and its work security.
New Attack Threatens Android for Work Security
We have seen earlier that the new “App-in-the-middle” attack is threatening all the Android smartphones around the world. On Android Lollipop version and BYOD, the method allows users to create two types of the user profile. One is for the business purpose with enterprise level control, and another one is the personal and unmanageable profile. The business profile is safe enough to keep your data safe where the personal profile is relatively not.
Office platform uses business profiles for many users through the user separation functionality by Android. It allows different users to use the same profile or device. The safe side of Android for work is, it has secured container where apps on the device’s personal profile will not have any accessibility to the business profile. But unfortunately, there is a problem.
A vulnerability has been found on the Android for work’s separation system. According to Skycure, Android for Work is not that much safe as we think it is. Malware can easily enter through the app and can read and steal all the necessary information. Co=founder of Skycure has some important things to share about this new Android threat and work security.
Amit said, “We will show how a malicious app installed on the personal side, which should only be able to access personal apps, can easily watch everything a person does on their business persona and perform acts on their behalf. Android for Work is a very good system with the premise of good security, but it puts the organization at stake when they have a lot of control over what goes on in the business persona, but no control over what goes on on the personal side. The damage is pretty high.”
So, we can see that App-in-the-middle attack is such vicious that can stay hidden on a personal profile but it can steal all the business data from the business profile too. Amis also quoted about the attack, “Everything you do in your persona is compromised in these attacks.” The new app-in-the-middle attack is a significant Android threat for the work security. If you think you are helpless here, and wondering what can you do if that app stays hidden on your personal profile? At least, you can introduce yourself with the cyber security tips and follow them.
