New security problem for Android phones in sight. In this case, it is an attack called Man-in-the-Disk. It takes advantage of the use of some applications from external memory to access the device’s microSD card. It allows you to install applications without the user’s consent.
Man-in-the-Disk: The attack on the microSD of Android phones
These are also malicious applications installed on the user’s device. Or block the phone or cause some legitimate applications on the device to malfunction.
New security problem on Android
The main problem with man-in-the-disk is that there is no integrated protection for the data stored on the microSD in Android. This makes them unprotected and vulnerable to attacks such as those currently taking place. While Google publishes some guidelines, own applications endanger the microSD card.
While this man-in-the-disk attack seems to be a wake-up call for many Android developers. Because they are working on solutions to prevent these risks from ceasing. Therefore, any application that does not comply with these security policies may cause problems for the user.
That’s why Check Point’s security researchers (who discovered the attack) recommend that Google implement integrated data protection on the microSD card. It is not known if the company will carry it out, but given the problems with this attack, it is possible that it will come.