![Default self created cybersecurity insiders image low res](https://www.cybersecurity-insiders.com/wp-content/uploads/Default-self-created-cybersecurity-insiders-image-low-res-696x397.jpg)
![Default self created cybersecurity insiders image low res](https://www.cybersecurity-insiders.com/wp-content/uploads/Default-self-created-cybersecurity-insiders-image-low-res-696x397.jpg)
A pre-installed malware detecting application is reported to be filled with all sorts of security vulnerabilities say researchers from Israel based firm CheckPoint Software. So, they have issued a warning to the users of the worldās biggest mobile producer of China which is estimated to be holding almost 8% market share in global rankings with the number three position.
āThe app in the question of the Beijing based company is āGuard Providerā and was actually devised to protect the smartphones from malwareā, said Slava Makkaveev. He added that the app exhibits unsecured traffic exposure allowing hackers to connect to the same Wi-Fi networks as the targeted device users- an instance of āMan-in-the-Middleā Attack.
Note 1- In man in the middle attacks, cyber crooks try to intercept the communication medium between 2 parties and try to pose as the genuine party willing to communicate with the targeted device user.
Guard Provider is exhibiting Man in the middle attack traits which could have been exploited by some hackers by now. Whatās astonishing is that such attacks often go undetected by anti-malware solutions leading to data steal, ransomware implant and/or espionage.
Xiaomi has already been alerted by Check Point Software Technologies last month and the Chinese vendor reacted to the issue by releasing a fix to the said vulnerability on Tuesday last week.
Note 2- Guard Provider is reported to be using 3rd party Software Development Kits (SDKs) and allows its user to custom select antivirus solutions from 3 vendors- Tencent, AVL, and Avast.