https://thehackernews.com/2019/04/xiaomi-antivirus-app.html
I have always been a fan of Android over iOS, but I found this headline to be too awesome to pass up. Certain Xiaomi phones come pre-loaded with an Antivirus app suite called Guard Provider. The main feature of Guard Provider is that it helps to facilitate you choosing an antivirus app, from a list of 3: Avast, AVL or Tencent. I supposed they did this, so that they didn’t have to develop an antivirus app themselves, but also didn’t want to prevent the customers from being able to have some flexibility in which AV app they wanted to use. Not sure why they would do this, since Android let’s you add and remove apps as you please, for the most part. The problem with Guard Provider is that it used an unsecure HTTP connection for downloading AV signature updates and it also allowed the 3 SDKs from the 3 AV apps to co-exist and talk to each other. This combination could allow an attacker to perform and man in the middle attacker over that HTTP connection and slip malware into the download. They also apparently found a way to exploit that connection, so that they could access the user’s pictures, videos and other data. The software has since been patched.
Leave a Reply
You must be logged in to post a comment.