Millions of android phones on stake due to open port backdoor

A recent study of an internet communication mechanism common in mobile devices has revealed that so-called ‘open ports’ are much more vulnerable to security breaches than expected.

Open ports are integral pieces of internet infrastructure that allow computer programs to accept packets of information from remote servers. These communication mechanisms are routinely used in traditional computers, where they’re secure in part because computers’ Internet Protocol addresses don’t change. An IP address identifies a connected device.

Hundreds of Android apps on Google Play that help users connect to PCs via Wi-Fi leave some ports open and poorly secured, exposing the device to hackers who can steal private information such as contacts, security credentials and photos, they can remotely control a device, perform a denial of service attack, or inject malicious code that could jumpstart widespread, virus-like attacks, the researchers say.

This research was done by a group of researchers from the University of Michigan, who scanned almost 100,000 popular apps on Google Play, out of which 1,632 apps created open ports mostly to connect to PCs. Out of these 410 apps had very weak to no security protection, and 57 apps specifically left ports completely open for hackers to tinker with. They claimed that the most vulnerable among the lot, is an app called Wifi File Transfer, that has as many as 10 million Android downloads and lets user share data across devices and connect to their phones from their computers and has no password or fingerprint authentication to protect the user’s data.

The researchers have advised Android users to update AirDroid to the latest patched version and not to use default pass codes. Vulnerable open port apps should only be launched when needed and after using them, users should be sure to exit them fully through the task manager. Users need to remain “extra careful when using apps whose functionality is data sharing across devices, proxy/VPN, or enabling the user to control a phone remotely without physically accessing it. Consider using only those created by developers with good reputations,” said Yunhan Jia, a doctoral student in computer science and engineering who is involved in the research.

The developers immediately fixed the bug as soon as the Michigan researchers notified them. However, Wifi File Transfer app makers have failed to acknowledge till date. The full research paper details half a dozen more apps including PhonePal and Virtual USB that create a backdoor for hackers to exploit.

The researchers say that the user and Google for that matter is quite helpless in this matter, and developers’ will have to do a lot of work on their end to make their services more safe. For now, its best for users to uninstall all mentioned apps.

Leave a Reply