What could be worse than software that's meant to protect your devices leaving backdoors open for hackers or turning into malware?
Researchers today revealed that a security app that comes pre-installed on more than 150 million devices manufactured by Xiaomi, China's biggest and the world's 4th largest smartphone company, was suffering from multiple issues that could have allowed remote hackers to compromise Xiaomi smartphones.
According to Check Point, the reported issues resided in one of the pre-installed applications, called Guard Provider, a security app developed by Xiaomi that bundles three different antivirus programs, allowing users to choose between Avast, AVL, and Tencent.
Since Guard Provider has been designed to offer multiple 3rd-party programs within a single app, it uses several Software Development Kits (SDKs), which, according to the researchers, is not a great idea: the data of one SDK cannot be isolated from the others, and any issue in one of them could compromise the protection provided by the rest.
“The hidden disadvantages in using several SDKs within the same app lie in the fact that they all share the app context and permissions,” the security firm says.
“While minor bugs in each individual SDK can often be a standalone issue, when multiple SDKs are implemented within the same app it is likely that even more critical vulnerabilities will not be far off.”
It turns out that before receiving the latest patch, Guard Provider was downloading antivirus signature updates through an unsecured HTTP connection, allowing man-in-the-middle attackers sitting on an open WiFi network to intercept the device's network connection and push malicious updates.
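
An audit check for the cleartext-update weakness described above, added here as an example and not taken from Check Point's research or Xiaomi's code: it reads a decoded Android manifest and Network Security Configuration and lists where plain HTTP is permitted. The sample XML and the `example.com` hosts are constructed, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
# Constructed sample inputs (decoded XML); not taken from Guard Provider.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android">
  <uses-sdk android:targetSdkVersion="28"/>
  <application android:networkSecurityConfig="@xml/netsec"/>
</manifest>"""
SAMPLE_NETSEC = """<network-security-config>
  <domain-config cleartextTrafficPermitted="true">
    <domain includeSubdomains="true">updates.example.com</domain>
    <domain-config cleartextTrafficPermitted="false">
      <domain>api.updates.example.com</domain>
    </domain-config>
  </domain-config>
</network-security-config>"""


def _walk(node, inherited, findings):
    """Apply one <domain-config>, inheriting the flag from its parent when unset."""
    attr = node.get("cleartextTrafficPermitted")
    permitted = inherited if attr is None else attr == "true"
    if permitted:
        findings += [f"cleartext allowed for {(d.text or '').strip()}"
                     for d in node.findall("domain")]
    for child in node.findall("domain-config"):
        _walk(child, permitted, findings)


def cleartext_findings(manifest_xml, netsec_xml=None):
    """List the places where the app's configuration permits plain-HTTP traffic."""
    root = ET.fromstring(manifest_xml)
    sdk, app = root.find("uses-sdk"), root.find("application")
    # Assumption: a missing targetSdkVersion is treated as old (permissive default).
    target = int(sdk.get(ANDROID + "targetSdkVersion", "1")) if sdk is not None else 1
    default = target <= 27  # platform default: cleartext allowed until API 28
    findings = []
    if netsec_xml is None:  # no config file: the manifest flag or the default decides
        flag = app.get(ANDROID + "usesCleartextTraffic") if app is not None else None
        if default if flag is None else flag == "true":
            findings.append("cleartext allowed app-wide (manifest)")
        return findings
    cfg = ET.fromstring(netsec_xml)
    base = cfg.find("base-config")
    attr = base.get("cleartextTrafficPermitted") if base is not None else None
    base_ok = default if attr is None else attr == "true"
    if base_ok:
        findings.append("cleartext allowed app-wide (base-config)")
    for dc in cfg.findall("domain-config"):
        _walk(dc, base_ok, findings)
    return findings
```

An empty result only means the configuration forbids cleartext; update payloads still need their own signature check, since transport security does not authenticate the file itself.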