Connecting your Android phone has never been more difficult since the early days of the operating system, and for good reason: unlike its rival Apple, it doesn’t require any special software to run, but it acts like a classic storage space.
That doesn’t mean you can’t find something on the Play Store to make the process even easier. Offering to transfer files over the local network, AirDroid is one of the oldest and most used solutions for this with its 10 million users.
Unfortunately, as Zimperium security experts have pointed out, the latest version 4 has a big problem. Indeed, the application is a single static encryption key when communicating over a network. Therefore, a hacker can capture it and take control of the dialogue.
By doing this, the hacker not only learns a lot of private information of the target, but can also send a rogue update to the phone so that it can infect the phone with ease. Note that the flaw has been known since May 2016, but the developer hasn’t done anything recently to force Zimperium to publicly release information like Google and Windows.
Given this major flaw, we can only recommend that you uninstall the application immediately and look for alternative solutions, such as BitTorrent Sync. Meanwhile, the developer still hasn’t responded to the flurry of this story, but should submit a patch shortly.
