OEMs are working hard to secure users' phones by pre-installing security apps. It becomes a matter of safety when it is because of these apps that users are exposed to cyberattack. Check Point research has claimed that it has found a vulnerability in the Guard Provider app, which comes pre-installed in Xiaomi phones with MIUI OS. The firm claims that this app can help an attacker to inject a rogue code to steal or track data, or even implant malware in the device.
The Israel-based company says that because of the “unsecured nature of the network traffic to and from Guard Provider,” a threat actor could connect to the same Wi-Fi network as the victim and carry out a Man-in-the-Middle (MiTM) attack - a type of eavesdropping attack that is carried out by disabling malware protections and typing in a code to steal data or insert ransomware. It says that when the firm disclosed the vulnerability to Xiaomi, “it released a patch shortly after.”
What is the vulnerability?
The Guard Provider app uses several third-party Software Development Kits (SDKs) as part of the security service it offers. The app includes three different antivirus built-in: Avast, AVL and Tencent. Users have the freedom of selecting any one of three providers as the default Anti-Virus engine to scan the device. When that anti-virus downloads the update, the hacker intercepts the network traffic via an MiTM attack and inject rogue code as part of a third-party SDK update.
Not only does the attacker target the chosen app to secure the device, it also infects the other two providers as well. This is due to the hidden disadvantages in using several SDKs within the same app. A problem in one SDK compromises the protection of all others, and the private storage data of one SDK cannot be isolated and can therefore be accessed by another SDK. “While minor bugs in each individual SDK can be often be a standalone issue, when multiple SDKs are implemented within the same app it is likely that even more critical vulnerabilities will not be far off,” Check Point said.
With a 14.5 percent year-on-year (YoY) growth as compared to 2017, the Indian smartphone market saw 142.3 million units shipped in the Calendar Year 2018, International Data Corporation’s (IDC) Asia/Pacific Quarterly Mobile Phone Tracker said earlier this year. According to the firm, Xiaomi topped the list by capturing 28.9 percent market share and shipping a total of 41.1 million devices last year.
Xiaomi also grew 28.6 percent YoY in the fourth quarter of 2018 because of its affordable Redmi series devices and offline expansion with opening of rural stores. Xiaomi’s Redmi 5A and Redmi Note 5/Pro series emerged as the fastest selling devices of 2018 with 10 million shipments each in the full year. The brand also led in the online channel with a share of 47.2 percent.