Today
all China county Mobile Provident COST Discover Tencent Xiaomi
Today news
About the same in other media
More
China county Mobile Provident COST Discover Tencent Xiaomi China county Mobile

Xiaomi phones with MediaTek chips have BIG security flaw, You could lose your bank savings!

China county Mobile Provident COST Discover Tencent Xiaomi
Reading now: 218
tech.hindustantimes.com
tech.hindustantimes.comtech.hindustantimes.com:

Are you a Xiaomi smartphone user? If yes, you need to be alerted. As per the latest information, a flaw has been discovered in some Xiaomi phone's mobile payment mechanism that could have cost the users their hard earned money. Now, when very few people prefer carrying cash with them, the most common mode of payment is via UPI. But what if someone steals money from your digital wallet and that without your knowledge? Researchers from Check Point Research (CPR) have discovered vulnerabilities in the payment system built into Xiaomi smartphones that could allow forging of payment packages or disabling the payment system directly, from an unprivileged Android application.

"In this report, CPR (Mobile) researchers analyzed the payment system built into Xiaomi smartphones powered by MediaTek chips, which are very popular in China. During these reviews, we discovered vulnerabilities that could allow forging of payment packages or disabling the payment system directly, from an unprivileged Android application," CPR said in the blog post.

The post informed that mobile payment signatures are carried out in the Trusted execution environment (TEE), which has been an integral part of mobile devices and its main purpose is to process and store sensitive security information such as cryptographic keys and fingerprints. Hence, it is assumed that if the TEE is safe, your payments are secure too. The test device used for the research is the Xiaomi Redmi Note 9T 5G with MIUI Global 12.5.6.0 OS.

The researchers discovered that Xiaomi can embed and sign their own trusted applications. "We found that attacker can transfer an old version of a trusted app to the device and use it to overwrite the new app file. Therefore, an attacker can bypass

Read more on tech.hindustantimes.com
All news from tech.hindustantimes.com
About this in other media
pcgamer.com
This PC-only RPG looks like Assassin's Creed: China, except you can put down your sword and get a normal job pcgamer.com /2 years ago
tech.hindustantimes.com
Xiaomi layoffs? Chinese company fires over 900 employees after revenue horror: Report tech.hindustantimes.com /2 years ago
sportskeeda.com
17-year-old boy from Bihar ends life after losing match in PUBG: Reports sportskeeda.com /2 years ago
Show more
The website gamebastion.com is an aggregator of news from open sources. The source is indicated at the beginning and at the end of the announcement. You can send a complaint on the news if you find it unreliable.

Related News

27.08 / 13:25
tech.hindustantimes.com
Action UPS India vs Pakistan T20 Asia Cup 2022 LIVE: Where to watch IND vs PAK Live Match Online, Official Timings
India vs Pakistan T20 Asia Cup 2022 Live Streaming: If you are a cricket fan, this weekend will be an action packed one for you. Rival cricket teams of India and Pakistan will face each other in the Asia Cup 2022 match on Sunday night. The two teams will play each other for the first time this year in men's international cricket, and these teams had last played each other in 2021. The Indian side is going all in with a lot of new players offering a reinforced team.
27.08 / 12:25
tech.hindustantimes.com
Twitter NASA Watch Artemis I launch to the Moon on August 29 simulcast LIVE; Know when, where, and how; check full list
27.08 / 09:55
tech.hindustantimes.com
Samsung Software Samsung Android 13 update release could happen in October: Know which phones to get it first
27.08 / 08:43
gamerant.com
Platform Dreams Marvell Booking Fall Guys Should Add Fortnite's Skin Styles and Gifting
27.08 / 07:37
sportskeeda.com
Destiny 2 Role-Playing Games (RPG) Destiny 2: All Arc 3.0 Fragments have been unlocked after King's Fall World First completion
27.08 / 07:21
sportskeeda.com
Destiny 2 Role-Playing Games (RPG) Destiny 2 King's Fall guide: Totems encounter and defeating the Warpriest
27.08 / 05:31
tech.hindustantimes.com
Twitter Google Facebook boxing Garena Free Fire Redeem codes for August 27, 2022: Find your favorite outfit in these redeem codes
27.08 / 04:07
sportskeeda.com
Mobile Racing UPS PUBG Mobile: Bigetron RA finishes top as day 1 of PMPL Indonesia Fall Finals ends
27.08 / 03:31
metro.co.uk
Gaming Weekend Hot Topic: Your favourite open world game
27.08 / 02:49
pcgamer.com
UPS Provident Twitter Curt Schilling acts like we all just forgot about the time he blew $75M in public funds on an MMO that never came out
27.08 / 02:43
gamerant.com
UPS LEGO The Upcoming South Park Game Should Balance Out the Representation of the Show’s Eras
27.08 / 02:37
gamepur.com
UPS Destiny Bungie has confirmed Clan Elysium as the World First winners for the King’s Fall Raid in Destiny 2, making it their third victory in a row
27.08 / 01:57
ign.com
Puzzle Discover The Dark Pictures Anthology: The Devil In Me - First-Look Preview
27.08 / 01:21
ign.com
Twitter Sony Xbox's Fall Lineup Locks In – Unlocked 558
27.08 / 01:21
venturebeat.com
Strategy Microsoft Sony Nintendo Microsoft and Nintendo are probably not raising console prices like Sony
27.08 / 01:19
destructoid.com
Puzzle UPS Nintendo Nobody Saves the World gets killer bee and mechanic forms with Frozen Hearth DLC
27.08 / 01:13
gamespot.com
PlayStation 5 PC Xbox Series X New Need For Speed Reportedly Delayed To December, As Rumored Footage Emerges
27.08 / 01:13
gamerant.com
Platform Fighting Strategy boxing Reddit MultiVersus Clip Shows Massive Problem With Morty's Hit Box
27.08 / 00:17
gamerant.com
Party Strategy Nintendo Reddit Pokemon Scarlet and Violet Leak Teases How Egg Hatching Will Work
27.08 / 00:17
gamerant.com
Platform Mobile Minecraft Nintendo What We'd Like to See in Valve's Year in Review
27.08 / 00:01
metro.co.uk
Destiny 2 Gaming Games news Destiny 2 brings back Destiny 1’s classic King’s Fall raid
Latest News
Main Page
Persons
Art 2555
Chris Scullion 808
Square Enix 957
all persons
Places
Netflix 1072
county Early 740
city Tokyo 940
all places
G.I. Joe: Wrath of Cobra Review
Wicked & Gladiator II Box Office Previews Are Strong But Not Barbenheimer Levels
Guilty Gear Strive photo mode update makes fighters disappear when viewed at inappopriate angles
This YouTuber has been on a mission to discover the worst Lego to step on, and it involves a ballistic gel foot
By the end of the year some RTX 4070 laptops could be the first non-NPU machines to be given a Microsoft Copilot+ stamp
About Us

Gamebastion.com is the biggest games news hub for the gamers all around the world. It is your source of the latest video game news, reviews, previews, podcasts, the most exciting releases, interviews with the video gaming industry's biggest names and other gaming features. Enjoy reading just the most authoritative, up-to-date news and headlines from the video games and entertainment industry at Gamebastion. The biggest video game news, rumors, previews, and other info about the PC, PS4, Xbox, Switch, & mobile titles you play. Stay tuned & well informed 24/7 with us!

Owner: SNOWLAND s.r.o.
Registration certificate 06691200
Address:
Snowland s.r.o.
16200, Na okraji 381/41, Veleslavín, 162 00 Praha 6
Czech Republic

Categories
Info
For advertisers
Add news

©2024. All rights reserved.

DMCA