MAJOR VULNERABILITY POTENTIALLY IMPACTED 150 MILLION SMARTPHONE USERS WORLDWIDE | WHAT REALLY HAPPENED


MAJOR VULNERABILITY POTENTIALLY IMPACTED 150 MILLION SMARTPHONE USERS WORLDWIDE

Researchers have discovered multiple vulnerabilities in a pre-installed app on phones made by one of the world’s biggest smartphone vendors that potentially impacted the privacy and security of more than 150 million Android users worldwide.

According to security researchers at Check Point Research, the vulnerabilities were found in an app pre-installed on smartphones made by Xiaomi, the biggest mobile phone manufacturer in China and India, and the fourth biggest by market share in the world.

The app in question was a self-proclaimed security app dubbed “Guard Provider,” which promised to protect Xiaomi users from malware. But Check Point found that the app’s failure to encrypt virus database updates opened Xiaomi users to man in the middle attacks (MiTM) when users connected to public WiFi hotspots.

“Once connected to the same WiFi network as the victim—say, in public places i.e. at restaurants, coffee shops, or malls—the attacker would be able to gain access to the phone owner’s pictures, videos, and other sensitive data, or inject any type of malware,” Check Point told Motherboard in an email.

Webmaster's Commentary: 

THAT... is an industrial strength "oops there!"

Comments

SHARE THIS ARTICLE WITH YOUR SOCIAL MEDIA