Android App Leaks 2M Wi-Fi Passwords -- What You Need To Know

An Android app by the name of WiFi Finder, installed by more than 100,000 Google Play users, has leaked in excess of 2 million Wi-Fi network passwords.

The description for the app, which is still available for download from Google Play as I write, asks users to "Be social and share your Wi-Fi hotspots.

According to security researcher Sanyam Jain who is part of the GDI Foundation , and as reported by Zack Whittaker for TechCrunch, the database resulting from these uploads was "left exposed and unprotected, allowing anyone to access and download the contents in bulk."

Because the app makes no distinction between public hotspots and home Wi-Fi networks, the latter have become exposed to potential compromise by threat actors.

That database has now been taken offline by the cloud company hosting it after TechCrunch failed to get any response from the developer over a two week period.

I have been covering the information security beat for three decades and Contributing Editor at PC Pro Magazine since the first issue way back in 1994.

Powered by Blogger.