Popular Android Apps Vulnerable to Man-in-the-Disk Attacks

LASER_oneXM

Some of the most popular Android applications installed on your phone may be vulnerable to a new type of attack named "Man-in-the-Disk" that can grant a third-party app the ability to crash them and/or run malicious code.


Discovered by the Check Point team, the Man-in-the-Disk (MitD) attack scenario revolves around an app's ability to use "External Storage," one of the two types of data storage methods supported by the Android OS.

What's Internal and External Storage?

To better understand the attack, a general knowledge of the Internal and External Storage concepts is necessary.

Internal Storage, also known as System Memory, is a section of an Android phone's built-in storage space that stores the operating system itself, system apps, drivers, and selected data of user-installed apps.

Each installed app can allocate itself "internal storage" space that is protected by a sandboxed environment, meaning it can't be accessed by any other app.
...
.....
...
How the Man-in-the-Disk attack works

The Man-in-the-Disk attack works because of two reasons. First, any app can tamper with another app's External Storage data. Second, because almost all apps ask for this permission, users are generally willing to give it and unaware of any security risks.

During tests, Check Point researchers said they were able to create a malicious app that appeared as a benign flashlight app that asked for the permission to store data on a device's External Storage space, and used this permission to attack other apps.

Researchers say they were able to carry out two types of attacks: to crash other apps and to update other apps to malicious versions.
....
.......
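
An added example, not from the quoted article or from Check Point: one defensive pattern for an app that must consume a file staged on External Storage. It copies the file into private storage while hashing it and keeps the copy only if the SHA-256 matches. The class and method names are hypothetical, the expected digest is assumed to arrive over a trusted channel, and `java.nio.file` assumes Android API 26 or later.

```java
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.nio.file.*;
import java.security.*;

// Added example; StagedFileVerifier and importVerified are hypothetical names.
public final class StagedFileVerifier {

    /**
     * Copies a file from shared (external) storage into app-private storage,
     * hashing the bytes as they are copied, and keeps the private copy only if
     * its SHA-256 equals the digest obtained over a trusted channel.
     */
    public static Path importVerified(Path sharedFile, Path privateDir, byte[] expectedSha256)
            throws IOException, GeneralSecurityException {
        MessageDigest sha256 = MessageDigest.getInstance("SHA-256");
        Path privateCopy = Files.createTempFile(privateDir, "staged", ".tmp");
        try (InputStream in = new DigestInputStream(Files.newInputStream(sharedFile), sha256)) {
            // Single pass: the bytes hashed are exactly the bytes stored privately,
            // so a later rewrite of sharedFile cannot change what the app uses.
            Files.copy(in, privateCopy, StandardCopyOption.REPLACE_EXISTING);
        } catch (IOException e) {
            Files.deleteIfExists(privateCopy);
            throw e;
        }
        // MessageDigest.isEqual compares the digests in constant time.
        if (!MessageDigest.isEqual(sha256.digest(), expectedSha256)) {
            Files.deleteIfExists(privateCopy);
            throw new SecurityException("digest mismatch for " + sharedFile.getFileName());
        }
        return privateCopy;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample data; temp directories stand in for the two storage areas.
        Path shared = Files.createTempDirectory("shared");
        Path priv = Files.createTempDirectory("private");
        Path staged = shared.resolve("update.bin");
        byte[] original = "release-1.2".getBytes(StandardCharsets.UTF_8);
        Files.write(staged, original);
        byte[] expected = MessageDigest.getInstance("SHA-256").digest(original);
        System.out.println("clean file accepted: " + importVerified(staged, priv, expected));

        // Simulates another app rewriting the staged file before it is consumed.
        Files.write(staged, "tampered".getBytes(StandardCharsets.UTF_8));
        try {
            importVerified(staged, priv, expected);
        } catch (SecurityException e) {
            System.out.println("tampered file rejected: " + e.getMessage());
        }
    }
}
```

Hashing the file in place on External Storage and then reopening it would leave a window between check and use; verifying the private copy closes it.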