While Xiaomi's security application aims to protect handsets and data from cell phone owners, Check Point researchers announced that the application was just the opposite. The application uses the well-known Avast, AVL and Tencent applications to detect potential malware. Xiaomi pre-installs the application (& # 39; Guard Provider – com.miui.guardprovider) on all your phones.
However, the Check Point researchers found a security flaw in the application – its update mechanism. According to Check Point researcher Slava Makkaveev, the Guard Provider receives updates through an insecure HTTP connection. This means that someone can import malware through an MITM attack, as long as they are on the same Wi-Fi network as their mobile destination. In addition to the malware, Makkaveev said that attackers could also use MITM attacks to put ransomware or monitor applications.
Attackers can even learn the update file name to make the software look as harmless as possible. Because the Guard Provider is pre-installed on Xiaomi phones, millions of devices have the same security vulnerability. The good news is that Xiaomi knows the problem and has worked with Avast to fix it.