'Dirty Stream' attack: Tips to enhance security on Android devices
What's the story
Android smartphone users are being warned about a significant security risk, known as the "Dirty Stream" attack, present in their device applications. The threat has been uncovered by Microsoft and it could potentially allow cybercriminals to take control of popular apps or access confidential data. The malware associated with this attack has the potential to compromise multiple apps on a device, necessitating immediate action to prevent possible scams.
Investigation findings
Know about the attack
The "Dirty Stream" attack is a "path traversal-affiliated vulnerability pattern" that Microsoft discovered in a recent investigation. This vulnerability could give hackers the ability to manipulate devices and exploit the flaw to compromise apps. The company emphasized that this threat could make Android devices vulnerable to arbitrary code execution and token theft, affecting how popular apps exchange information with others.
Impact assessment
Popular apps affected
Microsoft's investigation revealed that the "Dirty Stream" attack has affected several popular apps in their information exchange with other apps. The company stated, "We identified several vulnerable applications in the Google Play Store that represented over four billion installations." Among the impacted apps are Xiaomi Inc.'s File Manager, WPS Office, and others. However, an app update can resolve this issue.
User guidelines
Recommended measures to counter 'Dirty Stream'
To secure their devices from the "Dirty Stream" attack, Android users are advised not to sideload apps due to the potential risk of harmful codes. Users should only download apps from trusted app stores such as Google Play Store, Samsung Galaxy Store, or Amazon Appstore. Activating Google Play Protect is also recommended as it scans for viruses in new and existing Android apps.
Extra precautions
Additional protection against cyberattacks
For added protection against hacking attempts, malicious codes, viruses, and other threats, users can also use third-party Android antivirus apps like McAfee. Keeping Android devices updated with the latest OS upgrades and security patches is another crucial step toward addressing device vulnerabilities and bugs. This not only ensures device safety but also guarantees optimal performance.