Android Man-in-the-Disk Attack Can Expose Apps & User Data

Security experts discovered a new Android infection mechanism called the Man-in-the-Disk attack. It takes advantage of a design issue found to be with the operating system itself that takes advantage of the external storage access. Abuse of this possibility can expose sensitive data to the criminal operators.

Android Man-in-the-Disk Attack Allows Apps Exposure

Security analysts detected a design issue in the Android operating system that has lead to a vulnerability. This is made possible via an abusive behaviour in the way storage resources are handled. The analysts note that “careless use” of the external storage access can lead to the man-in-the-middle attacks. Use of such resources does not activate the Sandbox protection which is a known security risk. The Internal storage of the Android operating system integrates the built-in memory where the main application data is stored. the external storage itself is the partition of the Internal Storage or removable storage (microSD card).

The Man-in-the-Disk attack can be made exploited with almost any app that utilizes the WRITE_EXTERNAL_STORAGE permissions. The majority of popular user-installed application use the External Storage as a type of temporary buffer when downloading information from Internet services. Over the years the practice of using of using the external storage for work data cache has become a norm as many devices have a limited internal space storage.

The unique characteristic of the external storage is that any process can monitor it and therefore overwrite files. There are several possible case scenarios that malicious actors can attempt:

  • File Operations — Data and cache found on the external storage partition can be accessed, retrieved or modified.
  • Behavior Modification — By manipulating certain values of configuration files or temporary settings the hackers can induce unexpected behaviour. This can lead (Read more...)

*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum | authored by Martin Beltov. Read the original post at: