Xiaomi Phone Bug Enables Theft
Making payments from mobile devices makes it possible for a malicious app to steal money from your digital wallet. Now, Smartphone maker Xiaomi, the world’s number three phone maker behind Apple and Samsung, has reported it has patched a high-severity flaw in its “trusted environment” used to store payment data that opened some of its handsets to attack.
In a recently released report Check Point researchers have revealed that a flaw in the smartphone maker Xiaomi's operating software could lead to mobile transactions being disabled, replicated and even forged by attackers.
The company has now patched the vulnerability, which was contained in the part of the operating system used to store user payment data. If exploited, the flaw would have allowed attackers to hijack the mobile payment system. This could potentially lead to forged transactions initiated by the attacker.
The potential pool of victims is huge, considering the popularity of Xiaomi smartphones, and could be incredibly disruptive to consumers.
Check Point’s study marks the first time that Xiaomi’s trusted applications have been found to contain security issues. All users should implement the patch by updating their software immediately to make sure that their systems are up to date.
CheckPoint: Threatpost: Oodaloop: TechRadar: VPNOverview:
You Might Also Read:
Cyber Criminals Increasingly Focus On Mobile Devices: