Smartphones Vulnerable to New Form of Attacks Via microSD Cards

Security researchers at CheckPoint have warned about a new danger for our mobile devices, using a vulnerability that goes through the microSD cards. These forms of modified microSD cards can reportedly allow hackers to take over your smartphone by using the memory in the SD card to infect Android devices.

Thankfully, most smartphones now have sufficient memory and users have slowed down in their demand for microSD cards. However, the programs and apps which can be moved to such SD card are not at all few and this vulnerability is basically targeting the microSD cards themselves.

microSD Cards Targeted Because of Low Protection

The main reason why the microSD cards have become the reason for most attacks is the fact that they are passive memory carrier. And given the fact that ssome of the Google applicatons that can move to microSD cards, like Google Translate, Google Voice Typing, Google Text-to-Speech and other Google applictions can become victims of this malware, because the vulnerabilities target these applications via the microSD memory and not the flash memory of the phone, since it is way more protrected and virtually impossible to hack. This is why, Check Point researchers recommend that you only purchase microSD cards from trusted vendors and if you haven’t to use different formatting programs to format them professionally.

This is not the first attempt on attacking Android devices via external storage and Apps, as we have reported, concerning Man-in-the-Disk type of attacks which are exploited by apps, using the permission WRITE_EXTERNAL_STORAGE, which prays on most of user-installed apps that can support and use External Storage as a method to store information that is downloaded from the web more effectively. Such non-google apps have ben reported to be the Xiaomi Browser, the Yandex Translate and Yandex search which can also (Read more...)

*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum | authored by Vencislav Krustev. Read the original post at: