Flaws in Pre-Installed security App on Xiaomi Phones open to hack them

Read

Flaws in Pre-Installed security App on Xiaomi Phones open to hack them

Bad news for the owners of Xiaomi smartphones, a pre-installed security application could be used as a backdoor by hackers.

Security experts at CheckPoint have discovered that a security app, called Guard Provider, that is currently pre-installed on more than 150 million Xiaomu devices is affected by multiple vulnerabilities issues that could have allowed remote hackers to gain the control of the phones.

“Check Point Research recently discovered a vulnerability in one of the preinstalled apps in one of the world’s biggest mobile vendors, Xiaomi, which with almost 8% market share ranks third in the mobile phone market. Ironically, it was the pre-installed security app, ‘Guard Provider’ (com.miui.guardprovider), which should protect the phone by detecting malware, which actually exposes Checkpointthe user to an attack.” reads the post published by CheckPoint.

“Briefly put, due to the unsecured nature of the network traffic to and from Guard Provider, a threat actor could connect to the same Wi-Fi network as the victim and carry out a Man-in-the-Middle (MiTM) attack.”

Guard Provider is developed by Xiaomi that includes three antivirus software, Avast, AVL, and Tencent, and allows users to choose the one they prefer.

The security app works as a sort of aggregator, it allows to include 3rd-party software within a single app. Experts argued that it uses several Software Development Kits (SDKs), potentially opening the doors to the attackers through the compromise of one of them.

The experts pointed out that the SDK share the same app context and permissions, these main problems resulting from this implementation are:

A problem in one SDK would compromise the protection of all the others.
The private storage data of one SDK cannot be isolated and can therefore be accessed by another SDK.

Checkpoint experts discovered that the application was receiving antivirus signature updates through an unsecured HTTP connection, allowing attackers to carry out man-in-the-middle attacks when sharing the same WiFi network. Then the attackers can intercept the Xiaomi device connection and push malicious updates.

Experts at CheckPoint demonstrated how get remote code execution on the targeted Xiaomi device after exploiting four vulnerabilitues in two different SDKs available in the app.

The researchers exploited the use of unsecured HTTP connection to deliver software updates, a path-traversal vulnerability during the decompression process to overwrite files in the app’s sandbox (including files related to another SDK) and the lack of digital signature verification for update process.

Check Point reported the vulnerabilities to Xiaomi that quickly addressed them and released a new version of the Guard Provider app.

“It is completely understandable that users would put their trust in smartphone manufacturers’ preinstalled apps, especially when those apps claim to protect the phone itself. This vulnerability discovered in Xiaomi’s ‘Guard Provider’, however, raises the worrying question of who is guarding the guardian. And although the guardian should not necessarily need guarding, clearly when it comes to how apps are developed, even those built in by the smartphone vendor, one cannot be too careful.” concludes Checkpoint.

“The above attack scenario also illustrates the dangers of using multiple SDKs in one app. While minor bugs in each individual SDK can be often be a standalone issue, when multiple SDKs are implemented within the same app it is likely that even more critical vulnerabilities will not be far off.”

Read More Add comment

WikiLeaks Founder Julian Assange arrested and charged in US with computer hacking conspiracy

By Aditya Mehta

Read

0 Comments

WikiLeaks Founder Julian Assange arrested and charged in US with computer hacking conspiracy

Seven years ago, WikiLeaks founder Julian Assange took refuge in the embassy to avoid extradition to Sweden over a sexual assault case.

In 2012 a British judge ruled WikiLeaks founder Julian Assange should be extradited to Sweden to face allegations of sexual assault there, but Assange received political asylum from Ecuador and spent the last years in its London embassy.

In October, the Government of Ecuador confirmed it had cut the internet access of WikiLeaks founder Julian Assange due to leaks of its Organization. The Ecuadorian Government believes that the information leaked by Wikileaks could have had a serious impact on the US Presidential election.

News of the day is that Julian Assange was arrested in London on a US warrant charging him over his alleged role in a massive leak of military and diplomatic documents in 2010.

Wikileaks founder Julian Assange is arrested at the Ecuadorian embassy in London – Source the Time of Israel

According to a note released by London’s Metropolitan Police Service, the arrest has happened just after the Ecuadorian government today withdraws the political asylum. Below the Tweet published by
Ecuadorian President Lenín Moreno:

Wikileaks condemned the arrest and defined it as an illegal act that violated international law:

The man has been taken into custody at a central London police station, and it is expected to be presented before Westminster Magistrates’ Court as soon as possible.

“He has been taken into custody at a central London police station where he will remain, before being presented before Westminster Magistrates’ Court as soon as is possible.” reads the note.

“The MPS had a duty to execute the warrant, on behalf of Westminster Magistrates’ Court, and was invited into the embassy by the Ambassador, following the Ecuadorian government’s withdrawal of asylum.”

The U.S. Department of Justice also published a press release that confirmed the arrest. Assange would face extradition proceedings for his alleged role in “one of the largest compromises of classified information in the history of the United States.”

“The indictment alleges that in March 2010, Assange engaged in a conspiracy with Chelsea Manning, a former intelligence analyst in the U.S. Army, to assist Manning in cracking a password stored on U.S. Department of Defense computers connected to the Secret Internet Protocol Network (SIPRNet), a U.S. government network used for classified documents and communications.” states the US DoJ. “Manning, who had access to the computers in connection with her duties as an intelligence analyst, was using the computers to download classified records to transmit to WikiLeaks “

Assange faces up to five years in jail on a federal charge of “conspiracy to commit computer intrusion for agreeing to break a password to a classified US government computer”.

Last year, U.S. prosecutors accidentally revealed the existence of criminal charges against Julian Assange in a document filed in an unrelated sex crime case.

Assange has been forced to live in London’s Ecuadorian Embassy since June 2012, when a U.K. court ordered his extradition to Sweden to face sexual assault and rape charges filed against him.

According to Assange’s US lawyer Barry Pollack the arrest constitutes “an unprecedented effort by the United States seeking to extradite a foreign journalist to face criminal charges for publishing truthful information.”