AirDroid is a very popular Android app for remote management of your Android phone. It has been downloaded on over 50 million devices according to the Google Play Store.
If you are using AirDroid for your file transfers, you need to uninstall it now.
Recent research from security experts, Zimperium, indicates that AirDroid can be used by attackers to gain remote access to your Android device, and do very very bad things with it. The full analysis of the security vulnerabilities found in AirDroid can be found here: https://blog.zimperium.com/analysis-of-multiple-vulnerabilities-in-airdroid/
Summary of the vulnerability: a remote attacker can use a hardcoded key inside AirDroid and a man in the middle attack to authenticate as you on AirDroid’s servers and use that to install a malicious update on your device that can do anything the attacker wants. That’s pretty bad.
There’s even a video of the exploit.
Oh, there’s more.
The vulnerability was disclosed over 8 months ago, and in that period of time, AirDroid didn’t fix the issue. They didn’t even bother informing users about the multiple vulnerabilities found in their software. 8 MONTHS!
Not only is AirDroid currently insecure, the creators of AirDroid clearly don’t prioritize security enough.
No wonder their users are angry. Many have lost all trust for AirDroid.
You destroyed our trust
You knew there was a massive security hole for six months and did nothing to fix it
You only responded when you were publicly exposed.
Who knows what other security holes you are ignoring at the moment.
I uninstalled your app straight away. Terrible developers
This is not the first time AirDroid has had a major security vulnerability.
Be safe. Uninstall AirDroid.
For your file transfer needs, try a more secure AirDroid alternative instead, like Feem v4.