For at least the past six months, a popular Android remote management app which is available on the Google Play Store has opened tens of millions of Android users to the arbitrary code-execution and data-theft attacks when they use unsecured networks.
Popular Android App AirDroid Has Critical Security Flaws
If you want to connect your Android smartphone to your PC to transfer and view content in Google Play, you have a bunch of apps to do so. And in the last six months of 2016, there has been an app that has become very popular: AirDroid, which facilitates the process and it has been downloaded by an entity of between 10 and 50 million users.
But, now the problem you have is that according to security firm Zimperium, AirDroid is a danger that exposes the mobile to hackers.
According to the security firm Zimperium, the app uses a form of static and easily detectable encryption key when sending data updates and private user information from mobile phone to PC and vice versa.
So, attackers who are on the same network can exploit the weakness to push fraudulent updates or view potentially sensitive user information, including the international mobile equipment identity and international mobile subscriber identity designations that are unique to each phone.
As we read in the security firm’s official blog, the firm argues that “someone with expertise knowledge on the same network can get the complete remote control of the device. Next, the attacker can see the user’s private information like IMEI (code that identifies the device exclusive worldwide form), IMSI (the unique identification code for each smartphone integrated into the SIM card) and other important data. As soon as the update, or fake update, is installed the software automatically launches the updated [Android app file] without ever verifying who built it”.
The Zimperium firm notes that after discovering this anomaly, contacted the authors of AirDroid privately last May, letting them know what was happening. And these seem to have ignored by the company, since in the latest version of the app, launched in this month of November, still, the same ‘exploit’ remains without being corrected.
When installing, the app is asking all its users approval for “accessing contacts, device location, text messages, photos, camera, microphone, Wi-Fi and information about the calls and the device identity”.
That is why we are concerned about this security flaw gave the level of permissions that the app gets to be installed, a level that a hacker could easily increase camouflaging fake update AirDroid and get full access to the mobile, so for now if you use AirDroid, it is better to limit yourself to connect to networks you know and ensure they are safe.