CyberNews Briefs

Xiaomi Phone Bug Allowed Payment Forgery

In a report published released last week at the annual DEF CON conference in Las Vegas, Check Point researchers revealed that a flaw in the smartphone maker Xiaomi could lead to mobile transactions being disabled, created, and signed by attackers. Xiaomi is the world’s third largest phone maker. The company has since patched the vulnerability, which lied in a trusted environment used to store payment data. If exploited, the flaw would have allowed attackers to hijack the mobile payment system. This could potentially lead to forged transactions initiated by the attacker.

The potential pool of victims is huge, considering the popularity of Xiaomi smartphones, and could be incredibly disruptive to consumers. All users should implement the patch immediately and ensure that their systems are up to date. Check Point’s study marks the first time that Xiaomi’s trusted applications have been found to contain security issues.

Read More: Xiaomi Phone Bug Allowed Payment Forgery

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.