A new study has warned that customization of core operating system files created by some Android smartphone makers could pose a number of security threats.
Research by UK security firm F-Secure has revealed that pre-loaded applications with custom Android UIs have been implicated in research using several major smartphones, including the Samsung Galaxy S9, Huawei Mate 9 Pro and Xiaomi Mi 9. Depending on the geo-location of the custom UI users, they may have different effects.
However, these modifications can enter the installed application and cause gaps or errors that can directly affect the device.
1. This ransomware software pretends to be the FBI and tries to extort money from you.
2.This critical Android bug is that non-legitimate antivirus software modifies them as legitimate non-threatening apps.
Most Android smartphone manufacturers include a custom UI in addition to the basic stock Android system. This UI brings additional apps, features and enhanced settings that are not typically found on a smartphone running on additional Android.
But James Loureiro, director of research at F-Secure Consulting in the UK, said: “Devices that share the same brand and stock Android OS, no matter where you are in the world, are customized by third-party vendors such as Samsung, Huawei and Xiaomi. The inclusion of a customization UI means that those devices can be placed with significantly weaker security.
Pointing to the threat posed by this pre-installed Bluetooth on many Android phones, Luero noted, “These devices with more than 100 applications collected by vendors have significant attacks that vary by region.” that the surface is identified.
Citing an example from the Samsung Galaxy S9, the researchers explained that the smartphone reacts differently depending on the location of the SIM card inserted into the phone. This is done to ensure that the device operates at a specific geo-location. It was found that even devices on Huawei and Xiaomi follow a similar pattern; However, as soon as the researchers found the application, they researched it and found that they could take full control of the device from the application.
Toby Drew, a senior security adviser at F-Secures Consulting, says the Xiaomi Mi 9 may be safe for a user in China, but the same device could put another user in another country at risk.
“This customization UI is definitely important for vendors to consider security implications when customizing Android for different regions. The fact that people in one region have more or less protection than in another is an injustice to those who use it. If the same device had been modified to provide less protection to users in one region than in another, it would have created some sort of inequality by increasing exposure to cyber attacks, ”said consultant Toby Drew.