AirDroid App vulnerable to Authentication Flaw that allows hackers to take over smartphone

One of the most popular file transfering Apps for Android has a huge problem. It is vulnerable to a authentication flaw that could allow potential hackers to remotely hijack your smartphone.

AirDroid for Android is a very popular App among smartphone users and has been downloaded 20 million times with a overall 4.5 stars ratings from reviewers on Google Play. Researchers at Bishop Fox have discovered that it is vulnerable to a pretty serious authentication bug which can be exploited even if the AirDroid for Android App is not being used.

Once an attacker gains access to a victim’s phone, an attacker can perform actions such as taking photos via the phone’s camera, track the victim via GPS, send messages and harass the victim’s contacts, Bishop Fox’s Matt Bryant explained in a blog post.

Matt explains the modus operandi of the potential hacker :

1.) The attacker sends the victim an innocent-seeming link.
2.) The victim takes the bait and clicks the link.
3.) Click! The attacker – specifically, his or her website – now has control of the victim’s phone.
4.) The webpage opens, sending a text message to the victim and taking a photo of him or her as well.
5.) The photo is sent to the attacker, who then uses it to taunt the victim.

The proof-of-concept video is given below

Matt says that they had informed the AirDroid security team of this serious vulnerability and AirDroid has now patched the same.

Android smartphone users can download the updated version of AirDroid from here.

Subscribe to our newsletter

To be updated with all the latest news


Please enter your comment!
Please enter your name here

Subscribe to our newsletter

To be updated with all the latest news

Read More

Suggested Post