Home News Open Port App Flaw Found in Google Play Store Apps

Open Port App Flaw Found in Google Play Store Apps

Apr 29, 2017

We have told you about quite a few malware and security issues facing Android over the past several months. There is a new issue though for Android, which is an issue with the open port abilities that many apps on Google Play Store have. This open port flaw is putting Android devices at risk for being hacked. Continue reading to learn more about the apps that were found to have this open port flaw and what the potential risk is to users.

Open Port Flaw Leaves Android Devices at Risk for Hacks

The biggest issue going on here is that the researchers from the University of Michigan have found hundreds of apps on Google Play Store that have an open port flaw. This open port flaw has been found on over 410 apps that currently are on Google Play Store, with one of the apps having been downloaded between 10 and 50 million times. The researchers at the University of Michigan developed their own scanning tool and found the apps that had the open port flaw, although there has been no official word from Google about this issue.

The real issue here is that millions of Android devices are now at risk for being hacked, due to the open port flaw on one very popular app. Contacts, security credentials, photos, and other types of information can be hacked into with this open port flaw. The open port flaw is often times found in apps that deal with transferring information from the Android device to the computer over WiFi. This flaw means that the transfer of information is not as secure as it should be, thus leaving open the possibility of someone exploiting the vulnerability.

The app known as WiFi File Transfer is the app that has been downloaded between 10 and 50 million times. The open port flaw occurs when the Android device is transferring the data through the WiFi network. Hackers and attackers could gain access to the information that is being sent, and it is all without the knowledge or consent of the Android users. Arbitrary remote executions and other types of hacks can occur as a result of the flaw as well, so it could be used in multiple ways to steal information or take over your Android device altogether.

This particular flaw has been found on computers and a known issue with computers for years. Most people, however, do not think about the open port flaw being a problem for smartphones like Android or iOS. The researchers from the University of Michigan personally scanned over 24,000 apps on Google Play Store, which is how they found 410 apps could contain this vulnerability. The research team found that out of all of those apps, 57 were at high-risk of the open port flaw, and did definitely have a security issue with this particular flaw.

The researchers even did, even more, work by connecting to the campus network, where they found tons of Android devices that had some of these 410 apps downloaded and installed onto them. This means that potentially millions of people are affected by this issue, especially those in a work or school setting where file transfer Android apps would be common. No authentication by the Android user or the person connecting was needed, so someone could easily break into the file transfer without notice. The researchers even made a video of themselves pulling this off to show how easy it was and how discreet the hack could take place using the open port vulnerability.

How to Protect Yourself From Open Port Flaw

When it comes to the best way to protect your device from this flaw, the easiest thing to do is uninstall and delete the apps that were found to have this open port issue. The University of Michigan did put out a report that showed those apps in Google Play Store that were affected by this flaw. If you have one of the 410 apps, you should immediately delete it. Beyond that, the best thing to do is make sure that you are only transferring files from your device to your computer on a secured network where you trust those around you. You should never use an open WiFi network to transfer information, especially sensitive information that could lead to a hacker gaining personal data.