Android is an infamous mobile operating system that powers more than billions of smartphones and tablets. It is a Linux-based open source Operating system developed by Google designed primarily for touchscreen mobile devices.
Since its launch in 2008, Android platform had gained immense popularity and is the trending OS now with 80% global market share. Its Open source model makes it a clear leader among mobile operating system as it provides flexibility and adaptability.
However, the open source model has placed devices running on Android platform in dire straits.
Open market model allows registered software developers to create applications for Android mobile devices in Java and list them in Android Market without undergoing review and waiting for approval.
Although Android’s developers have created set of rules for app developers to ensure the safety of their apps, developers rarely follow these guidelines. This gives cyber miscreants ample opportunity to leverage the loopholes to invade the device and exploit users.
For instance, Google’s Android documentation includes a set of security practices for app developers on the use of External Storage in their apps. Application developers are expected to follow these guidelines to reduce the likelihood of inadvertent security issues. However negligence towards these has surfaced Man-in-the-Disk attack, offering an opportunity to attack any app that is careless about their use of External Storage.
Let us learn a little about storage resources on Android devices and Security Risks in SD cards.
Android devices support two types of storage. These are:
Recently, researchers came across a flaw in the way Android apps use storage resources. Reckless use of External Storage by applications has resulted in a number of undesired outcomes (Security Risks in SD cards) like:
Unlike Internal Storage, External storage particularly MicroSD cards do not support Android’s built-in Sandbox protection. Hence, apps that reside in external storage are not segregated from each other. If developers fail to employ security precautions in their applications, it leaves the apps vulnerable to risks of malicious data manipulation.
Man-in-the-Disk attacks are configured to leverage the abusive way the storage resources are handled in External media.
Meddling with the data occurs with a seemingly genuine application that appears important to users but hold attackers exploit script. Users are persuaded to install these applications on their device. These apps seek user’s permission to access the External Storage which appears perfectly normal and unlikely to raise any suspicion.
Hence, Man-in-the-Disk virus gets installed on the victim’s device without their knowledge.
Man-in-the-Disk attack harms apps and data stored in External Storage. Hence, when an app is downloaded in the external storage, or updated or receives data from app’s server provider, and is passed through external storage, it gives the adversary an opportunity to manipulate the data held in the External Storage.
Man-in-the-Disk attack gives cyber miscreants an opportunity to keep an eye on the data being transferred between any other app on the user’s device and the External Storage. Data received can be overwritten, damaged or stolen leading to unwelcome behavior of the targeted application. For Instance,
Google Translate, Google Voice Typing, Yandex Translate, Xiaomi Browser, Google Text-to-Speech are among the various applications that can be moved SD Cards to or use External Storage as a staging resource. Hence the apps that utilize microSD memory are vulnerable to Man-in-the –Disk attack as they are partially protected and hence are easy targets for malware attacks.
Users Obligations: It is advised that you purchase microSD card from trusted vendors. It is also recommended to format the card from authenticated formatting programs before using it.
Developers Responsibility: It is the duty of developers to build apps with security front of mind and abide by the guidelines provided by Google to prevent unforeseen circumstances.
Subscribe to our newsletter today to receive updates on the Latest News and Threats.
The researchers at Virus Removal Guidelines are dedicated to track down the latest vulnerabilities which may infringe your system security. Our team of expert performs a detailed research about every malware infection before educating our users about the same.
Want to stay informed about the latest threats & malware? Sign up for our newsletter & learn how to get rid of all types of threats from your computer.