150 million Xiaomi smartphones have malware

Security researchers find pre-installed apps on 150 million Xiaomi phones vulnerable to attacks

Check Point researcher Slava Makkaveev found a vulnerability in Xiaomi’s pre-installed, non-removable security app ‘Guard Provider’, which is, ironically, intended to safeguard the phone against malware.

“However, this vulnerability found in the ‘Guard Provider’ of Xiaomi raises the worrying question as to who is protecting the guardian. And although the guardian should not necessarily need guarding, it is clear that even those built in by the smartphone vendor cannot be too cautious when it comes to how applications are developed,” Makkaveev said in his blog post.

Guard Provider lets users scan for potential malware using three built-in antivirus scanners: Avast, AVL and Tencent. The app receives its updates over an unsecured HTTP connection.

“Briefly, because of the unsecured nature of network traffic to and from Guard Provider, a threat actor could connect to the same Wi-Fi network as the victim and carry out a MiTM attack. Then, as part of an SDK update from a third party, he could disable malware protection and inject any malicious code he chooses to steal information, implant ransomware, or track or install any other kind of malware.”

The vulnerability is attributed to “SDK fatigue”: the increased use of multiple SDKs within the same app, which makes the app more susceptible to issues such as “accidents, viruses, malware, breaches of privacy, battery drain, slowdown, and many other issues.”

In addition, using multiple SDKs within the same application can create unpredictable problems for developers, such as:

  1. An issue in one SDK would jeopardize the security of all the others.
  2. One SDK’s private storage data cannot be isolated, so another SDK can access it.

Developers leave “organisations and users exposed to potential pitfalls that threat actors can exploit to interfere with the device’s periodic operation by using too many SDKs within the same app,” Makkaveev found.

Following disclosure by Check Point Research, Xiaomi soon patched the vulnerability, which had exposed users to MiTM attacks.

In a statement, a Xiaomi spokeswoman said, “Xiaomi knows this and [have] worked with our partner Avast to solve it.”

For more information about the vulnerability, you can read the Check Point blog.

6 COMMENTS

  1. Wow, what an amazing blog.
    I liked it and I’m bookmarking this for more.
    Great work admin, keep up the good work.

  2. This is really happening, sir.
    Because everyone has a Xiaomi phone.
    Then it will be a complete disaster.
    Please share every update as soon as possible, sir.
    I’m bookmarking this website for more from you.

    I love your website design sir.

  3. What a great post.
    I just liked your website design, and it’s really much faster than other blogging sites.
    Can you tell me about your hosting services?
    I would also like to purchase from them.
    Keep up the posting.
    Will look for further updates.

  4. Great website.
    It’s really fast in loading and jumping from one post to another.
    I really enjoyed it this time.
    It seems that the admin of this website is working really hard, because everything on this site is in a very explainable form,
    which is attracting more and more users daily.
    I’m going to share this on my social media accounts.

    Keep it up.
