A new security vulnerability was recently discovered on the Google Play Store. It threatens billions of Android devices which can be easily infected by malicious applications.

We can’t say it enough: be careful about the applications you install on your devices! In a report, cybersecurity researchers at Microsoft explain that they have discovered a flaw in the way several Android applications work. This vulnerability, called Dirty Stream, potentially allows a malicious application to contact certain legitimate applications in order to execute malicious commands remotely, accessing personal data stored on the device and on the local network to which it is connected. According to the team of researchers, around 20% of Android applications are vulnerable to this type of attack and 4 billion installations are already affected. A major flaw!

Dirty Stream: a flaw in the way apps communicate

This security flaw lies in the way Android applications communicate with each other. To put it simply, under Google’s operating system, apps can exchange data with each other. By manipulating a function called “custom intents”, attackers can bypass security controls to cause a compromised application to transmit a file with a manipulated name or path to another “clean” application. The receiving application, suspecting nothing, will then execute the code or store it in one of its critical directories. The attacker then has plenty of time to steal the data from the targeted application, including the most sensitive, and take complete control.

Microsoft discovered this security flaw in several popular applications, such as the WPS Office suite, which has nearly 500 million downloads, and Xiaomi’s file manager, which has 1 billion downloads. Suffice it to say, that is a hell of a lot of exposed devices. Worse still, Xiaomi’s app allows access to other files within the local network, which could allow a malicious app to spread into the folders of other devices connected to the same Wi-Fi.

In total, the applications in which Microsoft detected this flaw have accumulated more than 4 billion downloads. Enough to offer a vast attack surface to any hacker who becomes aware of it. “We are sharing this discovery so that application developers and publishers can check if their software is vulnerable and fix it if necessary”, explains Microsoft. Alerted by the company, Xiaomi and WPS Office rushed to deploy patches. For its part, Google has updated its security guidelines for Android application developers, in order to prevent such vulnerabilities from appearing in the way Android applications’ content providers operate.

So we can only advise you to update your applications through the Play Store and to check the permissions that your installed apps have. Above all, avoid installing software that does not come from official stores because, even if they are not perfect, the Play Store’s detection and security tools still filter out a majority of threats.
