Smartphones Vulnerable to New Attacks Via microSD Cards
NEWS

Smartphones Vulnerable to New Form of Attacks Via microSD Cards

OFFER

SCAN YOUR PC
with SpyHunter

Scan Your System for Malicious Files
Note! Your computer might be affected by microSD and other threats.
Threats such as microSD may be persistent on your system. They tend to re-appear if not fully deleted. A malware removal tool like SpyHunter will help you to remove malicious programs, saving you the time and the struggle of tracking down numerous malicious files.
SpyHunter’s scanner is free but the paid version is needed to remove the malware threats. Read SpyHunter’s EULA and Privacy Policy


Security researchers at CheckPoint have warned about a new danger for our mobile devices, using a vulnerability that goes through the microSD cards. These forms of modified microSD cards can reportedly allow hackers to take over your smartphone by using the memory in the SD card to infect Android devices.




Thankfully, most smartphones now have sufficient memory and users have slowed down in their demand for microSD cards. However, the programs and apps which can be moved to such SD card are not at all few and this vulnerability is basically targeting the microSD cards themselves.

microSD Cards Targeted Because of Low Protection

The main reason why the microSD cards have become the reason for most attacks is the fact that they are passive memory carrier. And given the fact that ssome of the Google applicatons that can move to microSD cards, like Google Translate, Google Voice Typing, Google Text-to-Speech and other Google applictions can become victims of this malware, because the vulnerabilities target these applications via the microSD memory and not the flash memory of the phone, since it is way more protrected and virtually impossible to hack. This is why, Check Point researchers recommend that you only purchase microSD cards from trusted vendors and if you haven’t to use different formatting programs to format them professionally.

This is not the first attempt on attacking Android devices via external storage and Apps, as we have reported, concerning Man-in-the-Disk type of attacks which are exploited by apps, using the permission WRITE_EXTERNAL_STORAGE, which prays on most of user-installed apps that can support and use External Storage as a method to store information that is downloaded from the web more effectively. Such non-google apps have ben reported to be the Xiaomi Browser, the Yandex Translate and Yandex search which can also be exploited by a similar versiion of Man-in-the-Disk type of attack. The whole issue is believed to be deriving from the fact that applications can tune their access to the external storage partition, and this tuning allows the exploit to go through via those vulnerabilities.




Google has commented on the subject that they are working towards fixing the vulnerabilities by focusing on patching the apps. Security researchers have also reported that they are getting involved in notifying software developers of the well-known bugs, but some of the developers and brands have chosent to simply push an immediate security update that does not specify the reason why it’s being installed.

Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated Marketing as well, Ventsislav also has passion for discovery of new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecrurity and is a strong believer in basic education of every user towards online safety.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...