Newsbytes
  • India
  • Business
  • World
  • Politics
  • Sports
  • Technology
  • Entertainment
  • Auto
  • Lifestyle
  • Inspirational
  • Career
  • Bengaluru
  • Delhi
  • Mumbai
  • Videos
  • Visual Stories
  • Reviews
  • Phone Reviews
  • Fitness Bands Reviews
  • Speakers Reviews
  • Find Cricket Statistics
Hindi
More
In the news
Elon Musk
Apple
OnePlus
NOTHING
Latest Laptops
Newsbytes
Hindi
Newsbytes
User Placeholder

Hi,

Logout


India
Business
World
Politics
Sports
Technology
Entertainment
Auto
Lifestyle
Inspirational
Career
Bengaluru
Delhi
Mumbai
Videos
Visual Stories
Reviews
Phone Reviews
Fitness Bands Reviews
Speakers Reviews
Find Cricket Statistics

More Links
  • Videos

Download Android App

Follow us on
  • Facebook
  • Twitter
  • Linkedin
  • Youtube
 
Home / News / Technology News / Android apps wrongly using SD Card might lead to hacking
Technology

Android apps wrongly using SD Card might lead to hacking

Android apps wrongly using SD Card might lead to hacking
Written by Shiladitya Ray
Aug 13, 2018, 08:48 pm 2 min read
Android apps wrongly using SD Card might lead to hacking

In another discovery which raises concerns about cybersecurity, security firm Check Point has found a flaw that lets hackers take advantage of Android apps that make poor and unprotected use of external storage. This exploit could allow hackers to install malware, make apps crash, and prevent other legitimate apps from running. Here's all about the risks, and how you can protect yourself.

Internal v/s External
First, the basics of storage on Android devices

Android apps have two options for storage - a secure, internal storage, and a less secure external SD card-based storage. While a phone's internal storage is carefully secured, external storage allows data to be shared between apps and doesn't have the same security. Albeit this doesn't always translate to a security threat, developers who use external storage wrongly might give hackers a way in.

Attack
How attackers can leverage the external storage vulnerability

Researchers from Check Point found that some Android apps were unnecessarily relying on unprotected external storage, and didn't even bother to verify the data that came in from SD cards. This allows attackers to get users to install seemingly innocuous apps, and get permission to use external storage (which is widely regarded as not suspicious). Once the permission is granted, hackers can exploit it.

Details
Details about the 'man-in-the-disk' attack

Check Point dubbed such potential attacks "man-in-the-disk" attacks. Using it, malicious apps with the permission to use external storage can monitor, and if required, overwrite data between a device's external storage and other apps. Notably, Check Point also found that Google Translate, Google Voice Typing, and Xiaomi Browser, among other un-notable apps, also didn't verify the integrity of data from external storage.

Protection
How you can protect yourself from potential attacks

Check Point had notified Google and Xiaomi of its findings pertaining to their apps' misuse of external storage. While Google released a fix shortly, Xiaomi hasn't responded yet. Meanwhile, what you can do to avoid falling prey to such attacks is to avoid downloading strange, unverified apps from Google Play Store. Beyond that, there's not much to be done.

Share this timeline
Facebook
Whatsapp
Twitter
Linkedin
Shiladitya Ray
Shiladitya Ray
Mail
Budding social scientist with a keen interest in social studies of science and the sociology of knowledge. Cinephile. Liverpudlian. Metalhead.
Latest
Xiaomi
Android
Malware
Google
Smartphones
Latest
Toyota Hyryder teaser confirms automatic gearbox and all-wheel-drive system
Toyota Hyryder teaser confirms automatic gearbox and all-wheel-drive system Auto
'The Umbrella Academy 3': Biggest moments from Netflix show
'The Umbrella Academy 3': Biggest moments from Netflix show Entertainment
Hero Lectro e-cycles become cheaper thanks to Rs. 15,000 subsidy
Hero Lectro e-cycles become cheaper thanks to Rs. 15,000 subsidy Auto
Everything to know about 'Swayamvar - Mika Di Vohti'
Everything to know about 'Swayamvar - Mika Di Vohti' Entertainment
Top 5 truly wireless earbuds with ANC under Rs. 10,000
Top 5 truly wireless earbuds with ANC under Rs. 10,000 Technology
Xiaomi
Xiaomi 12S Ultra will feature 1.0-inch Sony IMX989 primary camera
Xiaomi 12S Ultra will feature 1.0-inch Sony IMX989 primary camera Technology
Top 5 smartphones coming in July 2022
Top 5 smartphones coming in July 2022 Technology
Xiaomi TV A2 and Mi Band 7 launched: Check prices
Xiaomi TV A2 and Mi Band 7 launched: Check prices Technology
Xiaomi's first-ever 2-in-1 laptop, Book S 12.4-inch, launched: Check price
Xiaomi's first-ever 2-in-1 laptop, Book S 12.4-inch, launched: Check price Technology
New leak reveals price and launch timeline of OnePlus 10T
New leak reveals price and launch timeline of OnePlus 10T Technology
More News
Android
Free Fire MAX: How to redeem codes for June 28
Free Fire MAX: How to redeem codes for June 28 Technology
How to redeem Free Fire MAX codes for June 27
How to redeem Free Fire MAX codes for June 27 Technology
HUAWEI nova Y90 introduced in global markets: Check features, price
HUAWEI nova Y90 introduced in global markets: Check features, price Technology
Realme TechLife Watch R100 launched at Rs. 3,700: Check features
Realme TechLife Watch R100 launched at Rs. 3,700: Check features Technology
How to secure your WhatsApp: Check latest features and settings
How to secure your WhatsApp: Check latest features and settings Technology
More News
Malware
AbstractEmu Android malware can root your device, lock you out
AbstractEmu Android malware can root your device, lock you out Technology
'Squid Game'-themed apps on Android could steal your money
'Squid Game'-themed apps on Android could steal your money Technology
Using dating apps on iPhone? Crypto-scammers could hack your device!
Using dating apps on iPhone? Crypto-scammers could hack your device! Technology
Cyberattack targets Acer's Indian aftersales systems, steals 60GB of data
Cyberattack targets Acer's Indian aftersales systems, steals 60GB of data Technology
Dangerous malware targets over 10 million Android users: Details here
Dangerous malware targets over 10 million Android users: Details here Technology
More News
Google
Assam floods: Google introduces SOS alert system on Maps, Search
Assam floods: Google introduces SOS alert system on Maps, Search Technology
Google Hangouts will hang up its boots in November
Google Hangouts will hang up its boots in November Technology
Gmail offline introduced: How to read, send mails without internet?
Gmail offline introduced: How to read, send mails without internet? Technology
Garena Free Fire codes for June 23: How to redeem
Garena Free Fire codes for June 23: How to redeem Technology
Garena Free Fire codes for June 22: How to redeem
Garena Free Fire codes for June 22: How to redeem Technology
More News
Smartphones
CUBOT Pocket with 4-inch QHD+ display and NFC goes official
CUBOT Pocket with 4-inch QHD+ display and NFC goes official Technology
DoT withdraws notification regarding mandatory testing of smartphones, cameras, smartwatches
DoT withdraws notification regarding mandatory testing of smartphones, cameras, smartwatches Technology
Global smartphone shipments down by 11% in Q1 of 2022
Global smartphone shipments down by 11% in Q1 of 2022 Business
BLU G51s launched with a dual camera and UNISOC chip
BLU G51s launched with a dual camera and UNISOC chip Technology
#EndOfAnEra: BlackBerry pulls plug on its classic phones
#EndOfAnEra: BlackBerry pulls plug on its classic phones Technology
More News
Next News Article
Next News Article

Love Technology news?

Subscribe to stay updated.

Science Thumbnail
India News Business News World News Politics News Sports News Technology News Entertainment News Auto News Lifestyle News Inspirational News
Career News Bengaluru News Delhi News Mumbai News Mukesh Ambani Indian Premier League (IPL) Karnataka Samsung Xiaomi West Bengal
Bihar Virat Kohli Rohit Sharma Haryana Narendra Modi Arvind Kejriwal Tamil Nadu Gujarat Yogi Adityanath YouTube
Instagram Hollywood News Uttar Pradesh Kerala Netflix Bollywood News Mamata Banerjee Maruti Suzuki Rahul Gandhi Elon Musk
Shah Rukh Khan Chelsea FC OPPO Akhilesh Yadav Indian Cricket Team Apple Manchester United Salman Khan Cryptocurrency OnePlus
Amitabh Bachchan ICC Women's World Cup Vivo India vs Sri Lanka
About Us Privacy Policy Terms & Conditions Contact Us Ethical Conduct Grievance Redressal News News Archive Topics Archive IPL 2022 Schedule IPL 2022 Points Table Find Cricket Statistics
Follow us on
Facebook Twitter Linkedin Youtube
All rights reserved © NewsBytes 2022