AirDroid has been downloaded by more than 10 million times from Google Play.
In the previous one year, there have been several perilous vulnerabilities regarding Google’s mobile platform Android that were open by research companies. Currently, a mobile security corporation has claimed that AirDroid web, one of the most general file sharing and remote management tools on Android, has specific vulnerabilities that can leave its customers very susceptible to hacking.
Mobile security firm Zimperium has released particulars of security susceptibilities linked with AirDroid web that permit hackers on the similar network as the user to attain their personal information as well as to implement code on their phone through malicious APK files.
“AirDroid depends on insecure communiqué channels in order to send the similar data used to validate the device to their data server. Such demands are encrypted with DES (ECB mode) yet the encryption key is hardcoded by the application itself,” Zimperium stated in a note regarding the susceptibility.
Based on the views of the mobile security firm, any “malicious party” on the similar network as user’s device can possibly accomplish a man-in-the-middle bout and gain access to validation credentials and personate the user to make further demands.
The report further says that AirDroid’s susceptibility allows hackers to even interrupt the request given by the application for add-on updates and so make it download a malicious application and make gullible users unknowingly admit the installation request.
Seeing that AirDroid for PC has been downloaded more than 10 million times from Google Play, the security faults can leave a big number of Android users susceptible to hack – though of sequence downloads do not signify active users.