Man-in-the-Disk is a new attack technique that targets Android storage systems that use insufficient storage protocols in third-party applications. Hackers are taking advantage of these protocols to crash a victims Android mobile device.
Hackers are targeting the way in which smartphones and the majority of the mobile devices are handling storage which does not get applied to Androids’ sandbox storage. Researchers from Checkpoint claimed there are vulnerabilities in how Google’s Android OS utilizes external storage resources. This usually occurs when developers are careless about where they store app data.
External storage is essentially a partition on the device’s storage card which is shared by all applications. Man-in-the-Disk targets the external disk on mobile devices.
“Failing to employ security precautions on their own leaves applications vulnerable to the risks of malicious data manipulation,” the team says.
There are some apps that use external storage over internal storage if there is no free storage available on the device.
Google suggests that developers should add validation for external storage, the company also says that files should be signed and cryptographically verified before loading dynamically.
Some researchers have ironically pointed out that Google are not following their own guidelines since many apps when downloaded may update or receive information from developer servers. Due to prioritisation of external storage, this data may frequently go through external storage before entering the app itself. This could allow for the MiTM attacks in monitoring an app’s online communications between it’s browser and server and allow for tampering of the aforementioned data.
Take your time to comment on this article.