Xiaomi smartphones users, make sure you install the company’s latest security software. Security researcher Checkpoint has discovered a malware that comes as a part of Xiaomi’s Guard Provider app.
However, Xiaomi released a patch shortly after Check Point disclosed the vulnerability to the company.
The report states that the anti-virus app uses scanners from Avast, AVL and Tencent to detect potential malware and make sure your smartphone is safe. The app comes pre-installed in Xiaomi smartphones and is found to have a massive flaw in its update mechanism.
In the report, Check Point researcher Slava Makkaveev said that the Guard Provider app is updated through an unsecured HTTP connection. This also makes it vulnerable for man-in-the-middle (MITM) attack, provided both parties are in the same Wi-Fi connections. The report not just talks about malware but also injecting ransomware and tracking apps.
“Briefly put, due to the unsecured nature of the network traffic to and from Guard Provider, a threat actor could connect to the same Wi-Fi network as the victim and carry out a Man-in-the-Middle (MiTM) attack. Then, as part of a third-party SDK update, he could disable malware protections and inject any rogue code he chooses such to steal data, implant ransomware or tracking or install any other kind of malware,” states Makkaveev.
As per the report, as the Guard Provider app is installed on all Xiaomi smartphones, all devices will be affected by the flaw.
According to the latest IDC numbers, Xiaomi led the Indian smartphone market share with 28.9%. This was followed by Samsung and others.