AirDroid's Use of Insecure Communication Channels Leaves Users Vulnerable, Claims Zimperium

Advertisement
By Shekhar Thakran | Updated: 2 December 2016 18:34 IST
Highlights
  • AirDroid has been downloaded more than 10 million times from Google Play
  • Vulnerability can potentially allow hacker's to gain users' credentials
  • AirDroid is a remote management tool for Android
AirDroid's Use of Insecure Communication Channels Leaves Users Vulnerable, Claims Zimperium

In the past one year, there have been many critical vulnerabilities regarding Google's mobile platform Android that were exposed by research firms. Now, a mobile security firm has claimed that AirDroid, one of the most popular remote management and file sharing tools on Android, has certain vulnerabilities that can leave its users extremely vulnerable to hacking.

Mobile security firm Zimperium has released details of security vulnerabilities associated with AirDroid that allow hackers on the same network as the user to gain their private information as well as execute code on their phone via malicious APK files.

"AirDroid relies on insecure communication channels in order to send the same data used to authenticate the device to their statistics server. Such requests are encrypted with DES (ECB mode) however the encryption key is hardcoded inside the application itself (thus known to an attacker)," Zimperium said in a note regarding the vulnerability.

According to the security firm, any "malicious party" on the same network as user's device can potentially execute a man-in-the-middle attack and gain access to authentication credentials and impersonate the user to make further requests.

Advertisement

The report further adds that AirDroid's vulnerability allows hackers to even intercept the request sent by the application for add-on updates and therefore make it download a malicious app and make unsuspecting users unknowingly accept the installation request.

Considering that AirDroid has been downloaded more than 10 million times from Google Play, the security flaws can leave a huge number of Android users vulnerable to hack - though of course downloads do not represent active users.

 

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Advertisement
Popular Mobile Brands
  1. Flipkart Freedom Day Sale: Best Deals On Samsung Smartphones
  2. Best Laptop Offers During the Ongoing Flipkart Freedom Day Sale
  3. Get Discounts on These iPhone Models During the Flipkart Freedom Sale
  4. FASTag Annual Pass Launches This Independence Day: Here's How to Apply
  5. Google Pixel 10 Series Price in India Reportedly Leaked Ahead of Launch
  6. Qubo Dashcam Pro 3K Review: A Solid Choice for Your Car
  7. FASTag Annual Pass: From Price to Validity, Everything You Need to Know
  8. Poco M7 Plus 5G Launched in India With 7,000mAh Battery at This Price
  9. Lenovo Tab Launched in India With 5,100mAh Battery, LTE Connectivity
  10. iPhone 14 Price Drops to an All-Time Low on Vijay Sales
  1. Astronomers Detect Black Hole 36 Billion Times the Sun’s Mass, Among Largest Ever Found
  2. NASA Tests Tiltwing Wing Model to Boost Advanced Air Mobility Designs
  3. Self-Adaptive Electrolytes Expand Stability for Fast-Charging High-Energy Batteries
  4. Light Pollution Threatens Global Observatories, Jeopardising Deep-Sky Astronomy
  5. Pretty Thing Now Streaming on Lionsgate Play: Everything You Need to Know About Plot, Cast, and More
  6. Sena: Guardians of the Nation is Now Available to Watch on Amazon MX Player
  7. Mr and Mrs 420 Again Now Available for Rent on Amazon Prime Video: What You Need to Know
  8. Alien Earth Now Streaming on JioHotstar: Everything You Need to Know
  9. Samsung Odyssey OLED G6 Gaming Monitor With 500Hz Refresh Rate Launched Alongside New Odyssey G7 Form Factors
  10. Samsung Galaxy S24 Series, Z Fold 6 and Z Flip 6 Get Android 16-Based One UI 8 Beta Update: Report
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.