What's 'Dirty Stream' and how does it threaten Android users?

Android users assemble! Researchers at Microsoft have warned of invisible attacks that could potentially drain your accounts and you may not even know about it.

According to a report by The Sun, the researchers recently discovered that Android apps may be vulnerable to attacks such as data theft, malware and other issues due to a common security weakness.

The report revealed that these attacks were found in Android applications that are shared with other users.

So what do you need to beware of?

The malicious apps, known as "Dirty Stream", send a file with a manipulated filename or path to another app, allowing attackers to create a fake app that can send a malicious file directly to a receiving app without the user's approval or knowledge.

The file sharing targets can be email clients, messaging apps, social networking apps, browsers and file editors.

Four of the affected apps, which have not been named, have been downloaded over 500 million times.

When a share target receives a malicious filename, it triggers a process that could end with the app getting compromised, according to Microsoft.

By utilising a malicious app to receive the app’s settings, an attacker may occasionally be able to convince a recipient app to exchange authentication tokens and other data with a server under their control.

Additionally, the Android security team at Google has also been alerted to the potential vulnerability by Microsoft representatives.