Check Point researchers find security breach in Xiaomi phone app

Vulnerability in pre-installed malware detector would have allowed hackers to penetrate system and steal data; breach has now been fixed

Shoshanna Solomon is The Times of Israel's Startups and Business reporter

Illustrative. Hackers/cybersecurity (iStock by Getty Images)

Researchers at Israeli cybersecurity firm Check Point Software Technologies Ltd. said Thursday they recently found a vulnerability in one of the pre-installed apps of one of the world’s biggest vendors of mobile devices, China’s Xiaomi.

The Beijing-based Xiaomi, a Chinese electronics firm that makes smartphones, mobile apps and laptops, holds an 8% global market share, ranking it third in the world.

The app in question, called Guard Provider, was ironically meant to protect smartphones by detecting malware, researcher Slava Makkaveev wrote in a blog post published by the cybersecurity firm. Instead, the app actually exposed users to an attack.

Because of the unsecured nature of the network traffic to and from the app, hackers could connect to the same Wi-Fi network as the victim “and carry out a Man-in-the-Middle (MiTM) attack,” Makkaveev wrote. In an MiTM attack, an attacker secretly intercepts and possibly alters communications between two parties who believe they are directly communicating with each other.

The hacker could also “disable malware protections and inject any rogue code he chooses,” enabling the hacker to “steal data, implant ransomware or tracking or install any other kind of malware,” the researcher wrote.

Check Point has alerted Xiaomi about the vulnerability and it has been fixed, the Israeli firm said.
