An Android App Exposes Over 2 Million Wi-Fi Passwords

An Android App Exposes Over 2 Million Wi-Fi Passwords

Nowadays, being able to connect to the internet is very important. Almost everyone even has data plans from their carriers. But for those who find it expensive and are almost capped off their data, these people resort to public Wi-Fi hotspots to connect to.

Your smartphone can search for available networks, but most of them requires password. There is actually an Android app that can help you locate nearby hotspots as well as other helpful information like passwords and their locations on a map.

But it seems that this Android app called Wi-Fi Finder does more threat than good to the users. As it turns out, it is reported to have leaked over 2 million Wi-F passwords to the public.

Android App Leaks Over 2 Million Wi-Fi Network Passwords

As already mentioned, Wi-Fi Finder is designed to locate and connect to public Wi-Fi hotspots that is nearby the users. This Android app is installed by more than 100,000 Google Play users.

Over 2 Million Wi-Fi Hotspots Leaked
Over 2 Million Wi-Fi Hotspots Leaked

This app has a community feature where users share the Wi-Fi hotspots they found with other users. And that is where the security and privacy problem starts. Included in the features of Wi-Fi Finder is for users being able to upload network passwords.

The app heavily encourages users to share this become part of the community which is in the app description on the Play Store “Be social and share your Wi-Fi hotspots. Add your Wi-Fi network and update.”

Wi-Fi Finder Features A Community Where Users Can Share And Upload Wi-Fi Hotspot Password To Other Users
Wi-Fi Finder Features A Community Where Users Can Share And Upload Wi-Fi Hotspot Password To Other Users

According to security researcher Sanyam Jain, who is part of the GDI Foundation, and as reported by Zack Whittaker in TechCrunch, the database from these uploads of the community was “left exposed and unprotected allowing anyone to access and download the contents in bulk.”

Thankfully, the exposed database did not include any contact information of the the Wi-Fi network owners. Instead, it includes the Wi-Fi network names, the accurate locations and passwords in plaintext

According to Whittaker, “although the app developer claims the app only provides passwords for public hotspots, a review of the data showed countless home Wi-Fi networks”.

What Happens To Users Who Uploaded Wi-Fi Information in the Community?

If you are one of the users who uploaded your home Wi-Fi hotspot information in the community, it means that your Wi-Fi network is exposed to potential compromise and threat. Although there hasn’t been any evidence of any compromises from the leaked database.

Still, users of the app, especially those who have uploaded their Wi-Fi network information are advised to change their passwords immediately. We will never know if there are hackers or other users nearby that are already hitching in to your Wi-Fi network.

Let this incident pose as a warning of why it is not safe to share personal information on the internet – even if it is your Wi-Fi network information. Unless you want others to access it, then refrain from sharing it because you might just expose yourself to people who have bad intentions.

Leave a Reply

Your email address will not be published. Required fields are marked *