Android users beware! Microsoft exposes dangerous apps on Google Play Store
- Replies 12
In the digital age, our smartphones are akin to a central hub for our personal lives. They hold our memories, manage our schedules, and keep us connected to the world.
However, this convenience also comes with risks, as highlighted by a recent urgent warning from Microsoft's Threat Intelligence team.
Android users, it's time to pay close attention to the apps you've downloaded from the Google Play Store, as your security could be at stake.
Microsoft has identified a number of apps on the Google Play Store that contain a dangerous security flaw, which the tech experts have dubbed ‘dirty stream’.
This vulnerability has been exploited by cybercriminals, putting Android users at risk of serious data breaches.
The compromised apps, which have been downloaded more than four billion times cumulatively, share a security weakness that can be manipulated to target the way apps communicate with each other, such as when files and data are sent between apps.
The 'dirty stream' flaw allows malicious apps to send data under filenames that are trusted by the compromised Android apps.
Once this data is accepted by the 'share target’, a trusted channel is established between the two apps, through which sensitive information can be transmitted.
Dimitrios Valsamaras, an Officer on the Microsoft Threat Intelligence team, said: ‘Since the rogue app controls the name as well as the content of the file, by blindly trusting this input a share target may overwrite critical files in its private data space.’
‘The potential impact varies,’ he added.
According to Mr Valsamaras, some breaches can have serious consequences. A malicious app can overwrite settings and ‘cause the vulnerable app to communicate with an attacker-controlled server’, which can expose an Android user's sensitive information.
In the ‘worst-case scenario’, which Mr Valsamaras noted is a ‘not so uncommon’ possibility, the target app can be tricked into opening a channel that taps into its highly-protected libraries.
This can result in a malicious application overwriting a native library with malicious code, giving the hacker full control over the app's behaviour. The impact of such breaches can extend far beyond the user's mobile device.
One of the affected apps is a file management app developed by Xiaomi Inc., which has been installed more than a billion times.
Microsoft has alerted the Xiaomi Inc. app developer, as well as the developers of other compromised apps.
Thankfully, the developer confirmed that the issue has been resolved in the latest update.
The tech giant also highlighted the WPS Office app, which has been installed over 500 million times. The app's developer has also confirmed that they updated the app to fix the issue.
Despite this fix, Microsoft cautioned that the vulnerability may still be present in numerous other apps on the Google Play Store that have yet to be detected.
The tech giant advises users to update their phones and apps promptly.
Additionally, Microsoft has released technical advice for developers to safeguard their apps against the 'dirty stream' vulnerability.
As members of the Seniors Discount Club, it's crucial to stay vigilant about the apps we install and use. Here are some steps you can take to protect yourself:
1. Regularly update your apps and operating system to ensure you have the latest security patches.
2. Download apps only from trusted developers and sources.
3. Pay attention to the permissions that apps request. If an app asks for more permissions than it needs to function, it could be a red flag.
4. Consider installing a reputable mobile security app to help detect and block malicious software.
5. Stay informed about the latest security threats and heed warnings from trusted sources like Microsoft.
Mr Valsamaras discussed dirty stream attack in detail in this presentation:
Source: Black Hat/YouTube
We encourage you to share this information with friends and family to help them stay safe as well.
If you've had any experiences with suspicious apps or have tips on maintaining mobile security, please share your thoughts in the comments below.
However, this convenience also comes with risks, as highlighted by a recent urgent warning from Microsoft's Threat Intelligence team.
Android users, it's time to pay close attention to the apps you've downloaded from the Google Play Store, as your security could be at stake.
Microsoft has identified a number of apps on the Google Play Store that contain a dangerous security flaw, which the tech experts have dubbed ‘dirty stream’.
This vulnerability has been exploited by cybercriminals, putting Android users at risk of serious data breaches.
Microsoft warned against malicious apps on the Google Play Store. Image source: Freepik
The compromised apps, which have been downloaded more than four billion times cumulatively, share a security weakness that can be manipulated to target the way apps communicate with each other, such as when files and data are sent between apps.
The 'dirty stream' flaw allows malicious apps to send data under filenames that are trusted by the compromised Android apps.
Once this data is accepted by the 'share target’, a trusted channel is established between the two apps, through which sensitive information can be transmitted.
Dimitrios Valsamaras, an Officer on the Microsoft Threat Intelligence team, said: ‘Since the rogue app controls the name as well as the content of the file, by blindly trusting this input a share target may overwrite critical files in its private data space.’
‘The potential impact varies,’ he added.
According to Mr Valsamaras, some breaches can have serious consequences. A malicious app can overwrite settings and ‘cause the vulnerable app to communicate with an attacker-controlled server’, which can expose an Android user's sensitive information.
In the ‘worst-case scenario’, which Mr Valsamaras noted is a ‘not so uncommon’ possibility, the target app can be tricked into opening a channel that taps into its highly-protected libraries.
This can result in a malicious application overwriting a native library with malicious code, giving the hacker full control over the app's behaviour. The impact of such breaches can extend far beyond the user's mobile device.
One of the affected apps is a file management app developed by Xiaomi Inc., which has been installed more than a billion times.
Microsoft has alerted the Xiaomi Inc. app developer, as well as the developers of other compromised apps.
Thankfully, the developer confirmed that the issue has been resolved in the latest update.
The tech giant also highlighted the WPS Office app, which has been installed over 500 million times. The app's developer has also confirmed that they updated the app to fix the issue.
Despite this fix, Microsoft cautioned that the vulnerability may still be present in numerous other apps on the Google Play Store that have yet to be detected.
The tech giant advises users to update their phones and apps promptly.
Additionally, Microsoft has released technical advice for developers to safeguard their apps against the 'dirty stream' vulnerability.
As members of the Seniors Discount Club, it's crucial to stay vigilant about the apps we install and use. Here are some steps you can take to protect yourself:
1. Regularly update your apps and operating system to ensure you have the latest security patches.
2. Download apps only from trusted developers and sources.
3. Pay attention to the permissions that apps request. If an app asks for more permissions than it needs to function, it could be a red flag.
4. Consider installing a reputable mobile security app to help detect and block malicious software.
5. Stay informed about the latest security threats and heed warnings from trusted sources like Microsoft.
Mr Valsamaras discussed dirty stream attack in detail in this presentation:
Source: Black Hat/YouTube
If you've had any experiences with suspicious apps or have tips on maintaining mobile security, please share your thoughts in the comments below.
.png){kind=icon}
