Friday, April 26, 2024

AirDroid app vulnerable to ‘man-in-the-middle’ attacks


Remote management app could expose data to attackers — or compromise devices through hijacked update files.

Research by security firm Zimperium has shown that popular remote management app AirDroid is vulnerable to so-called “man-in-the-middle” attacks, leaving users’ phones open to data theft or, at worst, compromise of the device through a hijacked update file.

According to Zimperium, an attacker on the same network as the intended victim could intercept authentication data and impersonate the user, allowing personal data — such as SMS, calls, notifications or contact details — to be exposed.

Most seriously, the mechanism by which the app is updated could also be hijacked in the same way, exposing AirDroid users to compromise of their entire device by a malicious APK file. The security firm has a full proof of concept on its site, along with details of how it disclosed the vulnerabilities to developer Sand Studio, starting in May 2016.

Zimperium says the recently released AirDroid 4.0.0 and 4.0.1 remain affected by the same vulnerability. We’ve reached out to Sand Studio for comment, and we’ll update this post with any response. In the meantime, if you’re a security-conscious AirDroid user, you may want to think about uninstalling until a fix is available.
