A pre-installed malware detecting application is reported to be filled with all sorts of security vulnerabilities say researchers from Israel based firm CheckPoint Software. So, they have issued a warning to the users of the world’s biggest mobile producer of China which is estimated to be holding almost 8% market share in global rankings with the number three position.
“The app in the question of the Beijing based company is ‘Guard Provider’ and was actually devised to protect the smartphones from malware”, said Slava Makkaveev. He added that the app exhibits unsecured traffic exposure allowing hackers to connect to the same Wi-Fi networks as the targeted device users- an instance of ‘Man-in-the-Middle’ Attack.
Note 1- In man in the middle attacks, cyber crooks try to intercept the communication medium between 2 parties and try to pose as the genuine party willing to communicate with the targeted device user.
Guard Provider is exhibiting Man in the middle attack traits which could have been exploited by some hackers by now. What’s astonishing is that such attacks often go undetected by anti-malware solutions leading to data steal, ransomware implant and/or espionage.
Xiaomi has already been alerted by Check Point Software Technologies last month and the Chinese vendor reacted to the issue by releasing a fix to the said vulnerability on Tuesday last week.
Note 2- Guard Provider is reported to be using 3rd party Software Development Kits (SDKs) and allows its user to custom select antivirus solutions from 3 vendors- Tencent, AVL, and Avast.