Xiaomi phones plagued by a critical security flaw: Details here
Xiaomi, one of the largest smartphone manufacturers in the world, shipped its devices with a critical security flaw. The issue, recently revealed by Israeli cybersecurity firm Check Point, could have allowed for dangerous malware and ransomware attacks. However, the Chinese company, which was alerted soon after the discovery of the issue, has now released a fix. Here are the details.
Bug discovered in Xiaomi's Guard Provider
If you've used a Xiaomi device, you may already know that the company ships a preinstalled app called Guard Provider to protect against rogue apps. Ironically, Check Point discovered that this same app had a security flaw that opened the door to 'man-in-the-middle' attacks. In such an attack, a threat actor could have intercepted the app's network traffic and injected malicious code into it.
Root cause of the issue
The Guard Provider app uses three antivirus SDKs - Avast, AVL, and Tencent - to offer users flexibility in protection. However, the researchers found that the interaction between the Avast and AVL SDKs created a backdoor. Essentially, it established an unsecured HTTP connection, which any attacker on the same Wi-Fi network as the victim could have exploited to inject malicious code into the network traffic.
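As an added illustration (not code from Check Point, Xiaomi, or any of the SDK vendors), the following audit shows how a reviewer could check whether an Android app's network security config still permits plain HTTP for any scope. The sample config and its domain names are constructed for the example and do not come from Guard Provider.

```python
import xml.etree.ElementTree as ET

# Constructed sample config (not Guard Provider's): one domain opts back in to HTTP.
SAMPLE_CONFIG = """<network-security-config>
    <base-config cleartextTrafficPermitted="false"/>
    <domain-config cleartextTrafficPermitted="true">
        <domain includeSubdomains="true">updates.sdk.example</domain>
    </domain-config>
    <domain-config>
        <domain>api.sdk.example</domain>
    </domain-config>
</network-security-config>"""


def _flag(element, inherited):
    """Return the element's cleartextTrafficPermitted value, or the inherited one."""
    if element is None:
        return inherited
    value = element.get("cleartextTrafficPermitted")
    return inherited if value is None else value.strip().lower() == "true"


def cleartext_findings(config_xml, target_sdk):
    """List every scope (base-config or domain) in which the app may send plain HTTP."""
    root = ET.fromstring(config_xml)
    # Platform default: cleartext is allowed unless the app targets API 28 or higher.
    base = _flag(root.find("base-config"), target_sdk < 28)
    findings = ["base-config"] if base else []

    def walk(node, inherited):
        for dc in node.findall("domain-config"):
            allowed = _flag(dc, inherited)
            if allowed:
                for d in dc.findall("domain"):
                    findings.append((d.text or "").strip())
            walk(dc, allowed)  # a nested domain-config inherits from its parent

    walk(root, base)
    return findings


if __name__ == "__main__":
    for scope in cleartext_findings(SAMPLE_CONFIG, target_sdk=28):
        print("cleartext HTTP permitted for:", scope)
```

Any scope this reports is a place where traffic, including SDK downloads, can be read or altered by someone on the same network.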
Ultimately, this could have led to data theft, ransomware attacks
The insecure connection and code injection technique could've had a drastic impact on the security of Xiaomi phone users. Specifically, an attacker gaining access to the network traffic would have had the power to remotely execute any malware or ransomware program. From there, they would have been able to do anything on the victim's phone, from stealing data and accessing features to extorting money.
Xiaomi has patched the issue now
Currently, it's not clear if anyone tried exploiting this flaw or was aware of it prior to Check Point's revelation. However, Check Point notified Xiaomi after discovering the issue, and the Chinese giant was quick to issue a fix. In a statement to CNET, a Xiaomi spokesperson said the company is "aware of this and [has] already worked with our partner Avast to fix it."
Xiaomi should prevent such issues from occurring in the first place
Pre-installed vulnerabilities are the most dangerous ones because they compromise your phone from the moment it starts. Plus, when you are a brand as big as Xiaomi, which shipped 118.7 million phones in 2018 alone, the number of affected users also increases drastically. Hopefully, the giant takes a lesson from this case and prevents issues like this from occurring in the first place.