Study: Many WiFi-to-PC Apps in the Play Store Leave Ports Open and are Poorly Secured
A while back, there were some security concerns with the AirDroid application. This application lets you connect your smartphone or tablet to your PC over WiFi so you can transfer files and control the device from the PC. A few months back, researchers found an authentication flaw that let attackers access the app's ports and hijack existing connections. AirDroid eventually patched this flaw, but it sheds light on the kind of security issues that are possible with these kinds of WiFi file sharing apps.
Just recently, a group of researchers from the University of Michigan found that hundreds of applications in the Play Store offering these types of features also suffered from serious security flaws. These applications essentially turn your device into a server so that the PC can connect to the smartphone or tablet. However, they suffer from a major security flaw: the listening port they open is left unsecured. A malicious entity can scan devices on the network for an open port to attack, and will easily find one if the person is using one of these insecure applications.
The Michigan researchers built a tool called OPAnalyzer (Open Port Analyzer) and used it to scan the code of about 100,000 popular applications on the Play Store. They found that 1,632 of these applications opened a port on the smartphone or tablet, and that 410 of those 1,632 had either no protection or very weak protection on that open port.
Of those 410 applications, 57 left these ports open and exploitable by an attacker on the same local WiFi network. Many phones are set to automatically connect to open WiFi networks so they use less mobile data. As soon as that happens, an attacker on that network can scan the device's ports and look for potential weaknesses.
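The exposure described above comes down to one question: is the app's listening socket bound only to loopback, or to every interface, where any host on the WiFi network can reach it? The following added example (not the researchers' OPAnalyzer, nor code from any app mentioned here) parses the `/proc/net/tcp` table that Linux and Android expose (readable via `adb shell` on a test device) and flags listeners bound to non-loopback addresses; the table contents are constructed for the example, and on Android the uid column identifies the owning app (app uids start at 10000).

```python
"""Audit TCP listeners from /proc/net/tcp and flag those reachable from the LAN."""

LISTEN = 0x0A  # TCP state code for LISTEN in /proc/net/tcp

# Constructed sample of /proc/net/tcp output (not captured from a real device).
# Row 0: app uid 10045 listening on 127.0.0.1:8080 (loopback only, not exposed)
# Row 1: app uid 10078 listening on 0.0.0.0:8081 (all interfaces, exposed to WiFi)
# Row 2: an ESTABLISHED connection, not a listener
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10045        0 12345 1 0000000000000000 100 0 0 10 0
   1: 00000000:1F91 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10078        0 12346 1 0000000000000000 100 0 0 10 0
   2: 0100007F:1F92 0100007F:C350 01 00000000:00000000 00:00000000 00000000 10045        0 12347 1 0000000000000000 20 0 0 10 -1
"""


def parse_addr(hex_addr: str) -> tuple[str, int]:
    """Decode 'AABBCCDD:PPPP': IPv4 stored as little-endian hex, port as hex."""
    ip_hex, port_hex = hex_addr.split(":")
    raw = bytes.fromhex(ip_hex)
    ip = ".".join(str(b) for b in reversed(raw))  # /proc stores IPv4 in host byte order
    return ip, int(port_hex, 16)


def listening_sockets(proc_net_tcp: str) -> list[dict]:
    """Return every LISTEN socket with its bound IP, port and owning uid."""
    results = []
    for line in proc_net_tcp.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 8:
            continue
        if int(fields[3], 16) != LISTEN:
            continue
        ip, port = parse_addr(fields[1])
        results.append({"ip": ip, "port": port, "uid": int(fields[7])})
    return results


def exposed_sockets(proc_net_tcp: str) -> list[dict]:
    """Listeners not restricted to loopback, i.e. reachable by other hosts on the LAN."""
    return [s for s in listening_sockets(proc_net_tcp) if not s["ip"].startswith("127.")]


if __name__ == "__main__":
    for sock in exposed_sockets(SAMPLE_PROC_NET_TCP):
        print(f"EXPOSED: uid {sock['uid']} listens on {sock['ip']}:{sock['port']}")
```

Replace `SAMPLE_PROC_NET_TCP` with the real table (`adb shell cat /proc/net/tcp`) to audit a device; a listener on `0.0.0.0` owned by an app uid is exactly the pattern the study describes, and `/proc/net/tcp6` can be parsed the same way for IPv6 listeners with a 32-hex-digit address field.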
The researchers even found applications that used hard-coded passwords to grant access to that port. These passwords could be recovered by analyzing the application's code. Overall, it's clear that you should exercise caution before blindly trusting that an app has implemented proper network security, otherwise you're leaving yourself open to attacks.