Security News > 2024 > May > Microsoft warns of "Dirty Stream" attack impacting Android apps

Microsoft has highlighted a novel attack dubbed "Dirty Stream," which could allow malicious Android apps to overwrite files in another application's home directory, potentially leading to arbitrary code execution and secrets theft.
Dirty Stream allows malicious apps to send a file with a manipulated filename or path to another app using a custom intent.
This manipulation of the data stream between two Android apps turns a common OS-level function into a weaponized tool and can lead to unauthorized code execution, data theft, or other malicious outcomes.
Microsoft researcher Dimitrios Valsamaras noted that these incorrect implementations are unfortunately abundant, impacting apps installed over four billion times and offering a massive attack surface.
Two apps highlighted as vulnerable to Dirty Stream attacks in Microsoft's report are Xiaomi's File Manager application, which has over a billion installations, and WPS Office, which counts around 500 million installs.
Google rejected 2.28 million risky Android apps from Play store in 2023.
News URL
Related news
- Microsoft Uncovers Sandworm Subgroup's Global Cyber Attacks Spanning 15+ Countries (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Microsoft fixes Power Pages zero-day bug exploited in attacks (source)
- Botnet targets Basic Auth in Microsoft 365 password spray attacks (source)
- New ClickFix attack deploys Havoc C2 via Microsoft Sharepoint (source)
- Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks (source)
- New Android malware uses Microsoft’s .NET MAUI to evade detection (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware (source)