Millions of users of the popular AirDroid Android device manager app are exposed to a vulnerability revealed by Check Point Software Technologies Ltd.
AirDroid is a popular Android device manager app used by approximately 50 million users worldwide. It allows users to securely and remotely access and manage their Android phones and tablets from their PCs. They can also easily manage things like files, contacts, SMS, videos and more.
The revealed vulnerability can be used by attackers to steal data from users by using a seemingly simple procedure.
It starts with an attacker sending the target a contact card (vCard) via any service such as WhatsApp, email or MMS, and getting the victim to add it to his or her phonebook. The target then receives a text message from that new contact, which allows the malicious payload to exploit the vulnerability in the AirDroid app. This enables the attackers to execute code on the device to steal data and send it back to their servers.
Researchers at Check Point say:
The AirDroid attack flow provides cybercriminals with a very easy way to target users: sending a contact card and an SMS message to execute the attack. The main threat is a complete theft of private information. Imagine, for example, that just receiving an SMS message can result in all of the user’s data being stolen. Another threat is that an attacker could control the content of the target’s device. All an attacker needs is the phone number associated with the targeted account. Once that phone number is obtained, the attacker needs to share a contact card with the target, and get the target to add it to his or her phone book.
California-based Sand Studio, the publisher of the AirDroid app, has released a security fix (version 3.2.0). All users of the app should consider updating their application immediately.