AirDroid's Use of Insecure Communication Channels Leaves Users Vulnerable, Claims Zimperium

Advertisement
By Shekhar Thakran | Updated: 2 December 2016 18:34 IST
Highlights
  • AirDroid has been downloaded more than 10 million times from Google Play
  • Vulnerability can potentially allow hacker's to gain users' credentials
  • AirDroid is a remote management tool for Android
AirDroid's Use of Insecure Communication Channels Leaves Users Vulnerable, Claims Zimperium

In the past one year, there have been many critical vulnerabilities regarding Google's mobile platform Android that were exposed by research firms. Now, a mobile security firm has claimed that AirDroid, one of the most popular remote management and file sharing tools on Android, has certain vulnerabilities that can leave its users extremely vulnerable to hacking.

Mobile security firm Zimperium has released details of security vulnerabilities associated with AirDroid that allow hackers on the same network as the user to gain their private information as well as execute code on their phone via malicious APK files.

"AirDroid relies on insecure communication channels in order to send the same data used to authenticate the device to their statistics server. Such requests are encrypted with DES (ECB mode) however the encryption key is hardcoded inside the application itself (thus known to an attacker)," Zimperium said in a note regarding the vulnerability.

According to the security firm, any "malicious party" on the same network as user's device can potentially execute a man-in-the-middle attack and gain access to authentication credentials and impersonate the user to make further requests.

Advertisement

The report further adds that AirDroid's vulnerability allows hackers to even intercept the request sent by the application for add-on updates and therefore make it download a malicious app and make unsuspecting users unknowingly accept the installation request.

Considering that AirDroid has been downloaded more than 10 million times from Google Play, the security flaws can leave a huge number of Android users vulnerable to hack - though of course downloads do not represent active users.

 

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Advertisement
Popular Mobile Brands
  1. Samsung Galaxy F36 5G Launched in India With AI Features: All Details
  1. Hubble Uncovers Multi-Age Stars in Ancient Cluster, Reshaping Galaxy Origins
  2. sPHENIX at RHIC Delivers First Results, Sets Stage for Quark–Gluon Plasma Studies
  3. Chandra Spots Distant Baby Planet Losing Its Atmosphere Under Intense X-ray Assault
  4. Meteor Strike May Have Triggered Massive Grand Canyon Landslide 56,000 Years Ago
  5. Ronth OTT Release Date: When and Where to Watch Malayalam Drama Movie Online
  6. Samsung Galaxy F36 5G Launched in India With AI Features, Triple Rear Cameras: Price, Specifications
  7. Samsung Galaxy F36 5G Launching Today: Know Price in India, Features and Specifications
  8. Gemini North Telescope Spots Interstellar Comet 3I/ATLAS Racing Through Solar System
  9. NASA Grounds Boeing Starliner Until 2026 After Test Flight Failures
  10. Quantum Leap: Scientists Achieve Magic State Distillation on Logical Qubits for the First Time
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.