According to a recent report by security firm Zimperium, popular Android desktop manager AirDroid has some security major vulnerabilities. Users have been advised that unless they use it on a network they fully trust, the app should be un-installed or disabled until the issue is resolved.
AirDroid has been a pretty useful app manager for a long time. The desktop/mobiles combination helps users access everything on their Android smart phone remotely when they are at their desktop. However, mobile security company Zimperium has pointed out that the web manager is vulnerable and can allow attackers to hijack the communication between the user’s phone and their computer if they’re on the same network.
Here is some information you need to know about the security glitch affecting AirDroid:
- The attacker has to be on your network to hack your AirDroid account.
- If you have a strong security on your network and the only person who connects to your Wi-Fi network you’re probably safe. However, if you don’t have strong security on your network, you are vulnerable to the attack.
- The attackers can also hijack the update mechanism and replace a new version of AirDroid with their own APK.
- This attack can let the hacker hack AirDroid user’s email and password, or even run a malicious code on the user’s device.
According to Zimperium, the developers of the app were notified of this major security breach on 24th May 2016.
However, there was no comment as to why the problem has not been fixed until today morning, when Lifehacker strongly recommended against the web manager.
AirDroid took note of the problem in an official blog post,
We want you to know that your AirDroid account shall not be in danger under secure wifi/ LAN access. However, it does not mean that we didn’t take this concern seriously. We did take an immediate reaction right after become aware the possible security issue. There’s a misunderstanding between us and the blog which thought we didn’t keep our promise to improve.
You can know more by reading the complete blog post right here. Until then, take care when you use the AirDroid application to bridge the gap between your Android and desktop.