Android

Beware of Airdroid - over 20 million users exposed to security risks

Plamen D. posted by Plamen D.   /  Dec 02, 2016, 9:31 AM
Beware of Airdroid - over 20 million users exposed to security risks

In present times, having the ability to remotely access your phone or computer can be quite useful. Considering this, it comes as no suprise that apps designed with this feature in mind have become very popular among users, however, in some cases various risks can hide behind the apparent convenience of using such applications.

A mobile security company called Zimperium has discovered a number of major security issues for Airdroid – a remote access management tool for Android with over 20 million downloads. Sand Studio – the product team behind Airdroid was informed by Zimperium about said vulnerabilities more than six months ago and promised to patch things up with the 4.0 release of the app which was introduced last month. The security company later found out that all of the issues still persisted on version 4.0, so it decided to make it's discoveries public today.

Zimperium's findings highlight how malicious parties can exploit the app's built-in functionalities and use them against users on the same network. Airdroid uses the same encrypted HTTP request to authorize the device and send usage statistics. The key to this encryption is hardcoded into the application, which means that everyone using it has the exact same key. With this key, attackers can intercept the authentication request and gain access to private account information, such as the e-mail address and password associated with the Airdroid account. Moreover, the hackers can also use a similar method to inject any malicious APK by prompting the app to notify the user of a required software update.

It is very unfortunate to see a developer putting profits before people and not focusing on security. While we all hope to see these issues fixed in the next update, it is advisable to stop or at least limit the use of this app until something is done to correct this.

source: Zimperium via Android Police

FEATURED VIDEO

Options

17 Comments

drifter77
Reply

1. drifter77

Posts: 397; Member since: Jun 12, 2015

Damn... this is one of my fav apps.

posted on Dec 02, 2016, 10:11 AM

emvxl
Reply

2. emvxl

Posts: 139; Member since: Sep 29, 2009

OK, time to uninstall for now. Android security issues just keep coming up.

posted on Dec 02, 2016, 10:33 AM

xondk
Reply

21. xondk

Posts: 1904; Member since: Mar 25, 2014

This is not so much Android as an android app a lot use though.

posted on Dec 03, 2016, 11:40 AM

Mxyzptlk unregistered
Reply

3. Mxyzptlk unregistered

Android really needs to bump up the security.

posted on Dec 02, 2016, 10:35 AM

Pabliell
Reply

13. Pabliell

Posts: 171; Member since: Mar 22, 2016

It's not Android this time, just this one particular app.

posted on Dec 02, 2016, 4:31 PM

Scott93274
Reply

4. Scott93274

Posts: 6020; Member since: Aug 06, 2013

Damn, I love this app, though I don't use it all the frequently. I guess I'll remove it for the time being until I hear that they've fixed the issue.

posted on Dec 02, 2016, 11:17 AM

piyath
Reply

5. piyath

Posts: 2443; Member since: Mar 23, 2012

Welcome to Android people....! Please remember these very important articles one by one which tells how bad the Android security and the whole ecosystem is. Please try to do that you fanboys. Because tomorrow some idiot will say "Android is the best operating system"...lol

posted on Dec 02, 2016, 11:59 AM

joey_sfb
Reply

6. joey_sfb

Posts: 6794; Member since: Mar 29, 2012

Nobody say Android is the best operating system. I am using it because its the more transparent OS. Security problem get more readily discover and fixed. Proprietary OS lacks such transparency but I see a few here prefers it that way. Sticking their heads into their beloved company ass.

posted on Dec 02, 2016, 1:33 PM

gdawilson
Reply

7. gdawilson

Posts: 259; Member since: Jul 21, 2014

Go through yesterday's posts on this website and you'll find an article regarding iOS being bypassed. No OS is 100% secure, so please think before posting and calling people "fanboys" when you yourself are exactly what you're calling other people, just for a different OS. I don't brag about Android being the best OS. I think it's better than iOS for multiple reasons, having owned different generations of Apple products.

posted on Dec 02, 2016, 2:26 PM

sissy246
Reply

11. sissy246

Posts: 6844; Member since: Mar 04, 2015

https://www.google.com/amp/s/amp.businessinsider.com/iphones-hacked-text-message-2016-8 No one is safe

posted on Dec 02, 2016, 4:03 PM

sissy246
Reply

12. sissy246

Posts: 6844; Member since: Mar 04, 2015

Oh and there are more, just go look it up.

posted on Dec 02, 2016, 4:04 PM

tedkord
Reply

8. tedkord

Posts: 16999; Member since: Jun 17, 2009

20 million is less than 1.5% of active Android devices.

posted on Dec 02, 2016, 3:10 PM

Crispin_Gatieza
Reply

9. Crispin_Gatieza

Posts: 3041; Member since: Jan 23, 2014

The best file transfer and notification tool is called BlackBerry Blend. End of story.

posted on Dec 02, 2016, 3:22 PM

kerginaldo17 unregistered
Reply

10. kerginaldo17 unregistered

https://techcrunch.com/2016/12/02/copy-and-paste-trick-could-unlock-ios-10-devices-in-lost-mode/

posted on Dec 02, 2016, 3:36 PM

vliang86
Reply

17. vliang86

Posts: 337; Member since: Oct 05, 2015

Switch to iOS, problem solved

posted on Dec 03, 2016, 1:07 AM

Pabliell
Reply

18. Pabliell

Posts: 171; Member since: Mar 22, 2016

And countless other problems will occur.

posted on Dec 03, 2016, 1:14 AM

JunitoNH
Reply

22. JunitoNH

Posts: 1946; Member since: Feb 15, 2012

It is, always Android. As I always say, use as directed, only for play, nothing more.

posted on Dec 04, 2016, 8:57 PM

view all comments
Want to comment? Please Log in or sign up.

Featured stories

samsung-galaxy-s10-exynos-idle-battery-drain-bug-voip-fix
Exynos Galaxy S10 affected by severe idle battery drain, here's a temporary fix
samsung-galaxy-fold-pre-order-release-dates-global-markets
Samsung Galaxy Fold release dates confirmed for key global markets
What-to-expect-from-Apple-tomorrow
New leak details what to expect from Apple during tomorrow's press event
Apple-iPhone-11-reverse-wireless-charging-fast-charger-report
The iPhone 11 may copy key Galaxy S10 feature, include faster USB-C charger
Motorola-One-Vision-render-leak
Leaked Motorola One Vision press render reveals all, display hole included
How-Google-convinced-phone-manufacturers-to-integrate-Google-Assistant-button
How did Google convince phone makers to add a Google Assistant button?
Apple-AirPower-new-image-discovered
New AirPower image with iPhone XS and AirPods found on Apple's website
apple-watch-series-5-price-release-date-features
Apple Watch Series 5 rumor review: price, release date, and new features

Popular stories

Deal-Bose-QC35-II-headphones-90-off
Deal: Bose's expensive QC35 II wireless noise-canceling headphones get a $90 discount
microsoft-surface-pro-5th-gen-deal-keyboard-bundle-best-buy
Microsoft's 5th Gen Surface Pro scores unbeatable $360 discount in keyboard bundle
surface-pro-6-keyboard-deal-microsoft-best-buy-massive-discount
Microsoft Surface Pro 6 with keyboard scores massive $330 discount for a limited time
ios-13-best-new-features-release-date-supported-devices
iOS 13 release date and best rumored new features
samsung-galaxy-note-9-deal-b-h-photo-video-incredible-discount
Samsung Galaxy Note 9 scores incredible $500 discount in 512GB configuration at B&H
New-renders-show-off-the-OnePlus-7-in-its-three-color-options
OnePlus 7 renders show off the phone's cameras and its three color options
Apple-iPhone-11-reverse-wireless-charging-fast-charger-report
The iPhone 11 may copy key Galaxy S10 feature, include faster USB-C charger
T-Mobile-increases-wireless-capacity-at-its-ballpark-in-Seattle
This might be the best $87.5 million T-Mobile has ever spent

Hot phones

Latest Stories

View more