Tuesday, April 22, 2025
They discover a serious vulnerability in some Xiaomi mobile models that allows payments to be faked.


Cybercriminals are always looking for vulnerabilities in popular phones so they can attack a large number of users. Xiaomi smartphones with MediaTek processors are at risk because of their payment system.

Check Point researchers report finding security issues in the payment system on these phones, which provide a Trusted Execution Environment (TEE) responsible for signing transactions.

Attackers could use these vulnerabilities to sign fake payment packages from an unprivileged third-party application.


The researchers explain that the affected Xiaomi phones use the “Kinibi” TEE architecture, which creates a virtual enclave to store the security keys needed to sign these types of transactions.

They say it is designed to run trusted apps like Xiaomi’s ‘thhadmin’, which is responsible for managing security within an integrated mobile payment system called ‘Tencent Soter’.

Apps like WeChat and Alipay rely on Tencent Soter to securely verify these payment packages.

It opens the door to a downgrade attack, where an attacker can replace a newer, more secure application with an older, more vulnerable version.
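The replacement of a newer trusted app with an older one, described above, succeeds when a loader checks only the signature and not the version. The sketch below is an added example, not code from Check Point, Xiaomi or Kinibi: the image format, the `payment_ta` name and the HMAC stand-in for a vendor signature are all assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed stand-in for the vendor signing key; a real TEE verifies an
# asymmetric signature, HMAC keeps this example standard-library only.
VENDOR_KEY = b"constructed-demo-key"


def sign_image(name: str, version: int, code: bytes) -> dict:
    """Build a signed trusted-app image (hypothetical format)."""
    header = f"{name}:{version}:".encode()
    tag = hmac.new(VENDOR_KEY, header + code, hashlib.sha256).digest()
    return {"name": name, "version": version, "code": code, "tag": tag}


def signature_ok(image: dict) -> bool:
    """The version sits inside the signed data, so it cannot be edited."""
    header = f"{image['name']}:{image['version']}:".encode()
    expected = hmac.new(VENDOR_KEY, header + image["code"], hashlib.sha256).digest()
    return hmac.compare_digest(expected, image["tag"])


class Loader:
    """Trusted-app loader with an optional anti-rollback counter."""

    def __init__(self, enforce_version: bool):
        self.enforce_version = enforce_version
        self.min_version = {}  # would live in rollback-protected storage

    def load(self, image: dict) -> str:
        if not signature_ok(image):
            return "rejected: bad signature"
        floor = self.min_version.get(image["name"], 0)
        if self.enforce_version and image["version"] < floor:
            return "rejected: rollback"
        # Record the highest version ever loaded so it cannot go backwards.
        self.min_version[image["name"]] = max(floor, image["version"])
        return f"loaded v{image['version']}"


def demo() -> dict:
    old = sign_image("payment_ta", 1, b"old build with known flaw")
    new = sign_image("payment_ta", 2, b"patched build")
    results = {}
    for label, loader in (("signature_only", Loader(False)), ("anti_rollback", Loader(True))):
        results[label] = [loader.load(new), loader.load(old)]
    return results


if __name__ == "__main__":
    print(demo())
```

The old image carries a valid signature, so only the stored version floor stops it from being loaded after the patched build.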

Researchers have exploited another vulnerability in Tencent Soter that allows an attacker to extract private keys and sign fake payment packages in the context of an unprivileged user.

They recommend that anyone with a MediaTek-based Xiaomi device install all security updates from June 2022.

It is recommended that you disable mobile payments completely until next week’s update, or at least minimize the number of apps installed on your device.

Source: Computer Hoy

I am Bret Jackson, a professional journalist and author for Gadget Onus, where I specialize in writing about the gaming industry. With over 6 years of experience in my field, I have built up an extensive portfolio that ranges from reviews to interviews with top figures within the industry. My work has been featured on various news sites, providing readers with insightful analysis regarding the current state of gaming culture.
