• Home
  • Apps
  • Apps News
  • App Flaw Reportedly Creates Backdoor for Hacking Millions of Android Phones

App Flaw Reportedly Creates Backdoor for Hacking Millions of Android Phones

Share on Facebook Tweet Snapchat Share Reddit Comment
App Flaw Reportedly Creates Backdoor for Hacking Millions of Android Phones
Highlights
  • Wifi File Transfer app found to leave port open
  • Over 10 million users have downloaded the app
  • This open port allows hackers to access sensitive data

A recent study has found that hundreds of Android apps on Google Play that help users connect to PCs via Wi-Fi leave some ports open and poorly secured, exposing the device to hackers. This research was done by a group of researchers from the University of Michigan, who claim that the most vulnerable among the lot, is an app called Wifi File Transfer, that has as many as 10 million Android downloads.

The researchers scanned almost 100,000 popular apps on Google Play, out of which 1,632 apps created open ports mostly to connect to PCs. Out of these 410 apps had very weak to no security protection, and 57 apps specifically left ports completely open for hackers to tinker with. One of the apps that the researchers found to be particularly dangerous was Wifi File Transfer that has garnered almost 10 million user downloads on Google Play. It essentially lets you connect a PC to a phone through an open port via Wi-Fi, and has no password or fingerprint authentication to protect the user's data. This means that if some unethical user gains access to this port, they can also gain access to all sensitive data as well. This exploit enables hackers to steal data, including contacts or photos, or even install malware.

Another app with an authentication flaw was AirDroid, and Wired reports that the developers immediately fixed the bug as soon as the Michigan researchers notified them. However, Wifi File Transfer app makers have failed to acknowledge till date. The full research paper details half a dozen more apps including PhonePal and Virtual USB that create a backdoor for hackers to exploit.

The researchers say that the user and Google for that matter is quite helpless in this matter, and developers' will have to do a lot of work on their end to make their services more safe. For now, we recommend you to uninstall Wifi File Transfer and the other mentioned apps, and give priority to security over convenience.

Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Tasneem Akolawala Tasneem Akolawala is a Senior Reporter for Gadgets 360. Her reporting expertise encompasses smartphones, wearables, apps, social media, and the overall tech industry. She reports out of Mumbai, and also writes about the ups and downs in the Indian telecom sector. Tasneem can be reached on Twitter at @MuteRiot, and leads, tips, and releases can be sent to tasneema@ndtv.com. More
Reliance Jio Claims Airtel Issuing Misleading Offers, Complains to TRAI

Related Stories

 
 

Advertisement

Advertisement

© Copyright Red Pixels Ventures Limited 2020. All rights reserved.
Listen to the latest songs, only on JioSaavn.com