A newly discovered Android exploit takes advantage of apps that make poor use of external storage such as SD cards, exposing a new way for hackers to infiltrate Android devices.
Android apps have two options on where they will place data once they are installed. It is either in the device's internal storage, where the data is isolated from external factors by Android's sandbox, or in external storage, where data is allowed to move between apps. In most cases, there are no issues with either option, but developers who use external storage may wrongly give hackers a way to take over.
Android Hackers May Take Advantage Of SD Cards
According to research from cybersecurity firm Check Point, some apps are unnecessarily relying on unprotected external storage, and do not even bother validating data coming from SD cards.
The discovery, which Check Point calls "man-in-the-disk" attacks to mimic the name of "man-in-the-middle" attacks, sees hackers meddling with data that is stored in external storage such as SD cards.
Check Point witnessed cases where Android apps were downloaded or updated from servers, with the data first passing through the device's external storage before being sent to the app itself. This allows hackers to manipulate the data held in the SD cards through seemingly innocent applications that holds the exploit code.
The attacker apps, which will masquerade as a simple flashlight app, for example, will request permission to access the device's external storage, which most users will not consider as suspicious. However, they do not know that by granting permission, hackers will be able to monitor the data being transferred between the external storage and other apps. They will also be able to overwrite the data before they are passed forward to the victim's device.
Possible applications of man-in-the-disk attacks include installing malware without the user's knowledge, flooding devices with denial of service attacks, and crashing apps to inject malicious code.
How To Protect Yourself Against Android Security Flaws
While Google may continue to release security patches to fix exploits and vulnerabilities, the best way to protect against "man-in-the-disk" attacks and other hacking techniques remains avoiding to download strange Android apps. Users should generally avoid downloading apps from outside the Google Play Store, and should only download apps that are well-reviewed and trustworthy.