They discover mystery of shameful app Analytics of Xiaomi

Analytics (The Analytics.apk) is an application that is factory installed on Xiaomi devices. It is active all the time on your mobile. In case of being deleted by the user, it reappears automatically after a while. It may also have the name of AnalyticsCore.apk The com.miui.analytics.

Thijs Broenink, a computer science student and security enthusiast, reverse-engineered the code for the Analytics app. It detected that it searches for an update on Xiaomi’s servers, every 24 hours. If found, the new package was automatically downloaded and installed in the background. This means that it was installed without the user even suspecting it.

The student assumes that another application with higher privileges on the device performs this installation in the background. However, he did not find proof of this within the Analytics code.

It also found no evidence that the APK that was installed on the device was verified. If so, this operation could be exploited by a hacker to install any malicious or spy app.

Analytics is a back door installed by Xiaomi itself

In his research, Broenink found no evidence about the real purpose of the Analytics app. For the website thehackernews.com, this is nothing more than a backdoor or “backdoor” installed in the millions of Xiaomi devices. And as they say right there, “there is no back door that only its creator has access to.”

According to a spokesperson for the Xiaomi company, Analytics (or AnalyticsCore) is part of the MIUI system. It’s there for “data analysis purposes to improve user experience.” For example, for error analysis in the system.

This representative indicated that this package does indeed have an “auto-update” function, as it is “key to ensuring a better user experience.” He indicated that during the auto-update process the signature of the app to be installed is verified. This is done so that only the official APK Analytics is installed on the device and no other. He also said that as of MIUI 7.3 the HTTPS connection is enabled. This technology prevents data interception through a “man-in-the-middle” attack.

Xiaomi preferred to remain silent regarding its ability to automatically install applications on its devices, without the user knowing.

The temporary “solution”

While at least one user in the forum xda-developers.com states that Analytics can be removed / frozen without problems with root access (under the responsibility of each user, as it could generate a “bootloop” problem), it will surely reappear. The temporary alternative would be to block the connection of the device with Xiaomi’s servers or any domain name related to the company. For this, a Firewall app can be installed on the device. This, however, could block system updates sent by the company.

«Msa», another application that Xiaomi pre-installs on its devices

msa is an application responsible for displaying advertising on the device, in the form of notifications that appear automatically (although it may have other purposes). Although the user can disable these notifications from the system settings, they re-enable themselves.

Source: thehackernews.com