New ‘Man-in-the-Disk’ Android Vulnerability Affects Via External Storage Devices

Written by Nitish Singh
Last updated September 23, 2021

Security research company Check Point revealed a new vulnerability that can affect any Android device that is capable of using external storage devices. Google’s OS has a Sandbox protection protocol in place that constantly monitors device activity and prevents all known malicious apps from affecting devices. However, with the ability to connect to external storage devices like SD cards, partitioned internal storage, USB OTG cables, hard drives and other storage devices the Sandbox protection does not work on said external devices. The security team at Check Point has termed the method ‘Man-in-the-Disk’.

Man In the Disk Phone Crash

Image Courtesy of Check Point

The security flaw can potentially allow cybercriminals to conduct various malicious activities which can result in the installation of unrequested apps, denial of service, forced file encryption, crashes, ransomware and more. While some manufacturers offer non-expandable storage, a large number of Android users have access to phones and tablets that offer SD card support making most devices vulnerable. Most apps install on internal storage by default but some memory hogging apps and games install a large part of their data on external partitions.

Man In the Disk Attack Flow

Image Courtesy of Check Point

According to the research team, attackers who take advantage of the Android exploit can “Monitor data transferred between any other app on the user’s device and the External Storage, and overwrite it with his own data in a timely manner, leading to the unwelcome behavior of the attacked application”.

After discovering the application vulnerabilities in several Android apps, the developers were contacted. Updates to the vulnerable apps have already been released by developers, and several unnamed apps are still being patched and their names will be revealed after the process is complete. Until Google patches Android’s underlying problems, app developers need to be careful about using external storage for apps.

What do you think about Check Point’s findings? Let us know in the comments below. Also, to get instant tech updates, follow TechNadu’s Facebook page, and Twitter handle.

For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: