One of the most popular remote management tools for Android in the Google Play Store, AirDroid, has left more than 10 million of its users vulnerable to data theft and remote code execution attacks on open networks.
AirDroid has been the tool of choice for millions of users; it lets you access features of your Android device directly from a connected PC.
The app has an estimated user base of 10-50 million according to Play Store data, and it exposes those users to attack when it is used over an insecure network connection. An attacker can exploit the app's built-in features and turn them against its users.
Security Issues Raised at AirDroid
According to Zimperium, a security firm, AirDroid uses a static encryption key when transmitting update files and sensitive user data. Because the key is hard-coded inside the application, an attacker can easily discover it.
“Our research highlights how insecure communication channels make millions of users vulnerable to Man-in-the-Middle (MITM) attacks, information leakage and remote hijacking of update APK which leads to a remote code execution by a malicious party,” Simone Margaritelli, Security Researcher at Zimperium zLabs, reported.
So if the target device is on the same network as the attacker, the attack can be carried out. If it succeeds, the attacker gains authentication credentials and can then impersonate the user to further their aims.
Management at AirDroid has been well aware of the dangers its user base faces since May 2016, when Zimperium first detected security issues with the app.
But the company has largely ignored the problem and didn’t add any extra security layers to its app in the major version 4.0 update release or in its current 4.0.1 version update, leaving its users vulnerable to attacks.
For now, until there is a security update in place, it’s in an AirDroid user’s best interest to stop using the app, perhaps even delete it, and certainly not to use it on public networks, where the risk is much higher.
If you’re keeping AirDroid, then you should strongly consider using it only on networks that you trust and know are secure.