Xiaomi's vulnerable to Man-in-the-Middle attack!!!
Hello
Everyone!!!
Researchers from Check Point detected a vulnerability in Xiaomi’s pre-installed security app named 'Guard Provider' that exposes users to MitM attacks.
Welcome back
to Dark Street Hackers where we believe in spreading knowledge and
awareness in the field of Cyber Security. Today we are going to talk about
Security risk in Xiaomi’s.
Xiaomi’s pre-installed
security app Guard Provider exposes users to Man-in-the-Middle (MitM) attacks.
It could allow Hackers to turn it into a malware.
Researchers from Check Point detected a vulnerability in Xiaomi’s pre-installed security app named 'Guard Provider' that exposes users to MitM attacks.
The
Vulnerability is due to using multiple SDKs within the same App and insecure
network traffic to and from Guard provider. It could cause multiple issues such
as viruses, malware, crashes, system slowdown, privacy breaches, battery drain and
more.
As a result,
attacker allow to connect same wifi as users and can perform MitM attack. Also,
due to use of multiple SDK’s attacker could inject malware in user’s system.
What is MitM :
Man-in-the-middle
cyberattacks allow attackers to secretly intercept communications or alter
them. Detecting MitM attacks is difficult, but they are preventable.
A man-in-the-middle
(MitM) attack is when an attacker intercepts communication between two parties.
Attacker use MitM attacks for different purposes such as to spy on the victim,
to steal login credential or personal information, or to corrupt data.
What is SDK:
The acronym
SDK stands for Software Development Kit. It is a set of programming
tools that help developers to create apps for a specific platform.
According to
recent report now a days the use of SDK’s in single app is increases, on an average
a single app now have 18 SDK’s implemented in it.
What actions were taken:
Check Point
researchers notified Xiaomi about the security issue, and Xiaomi quickly
released a patch to fix the vulnerability. Users are requested to update their
system as soon as possible.
Stay safe Stay Tune!!!
Thank you for your time and stay connected with Dark Street
Hackers for more and more interesting articles.
0 Comments