Home > Networking > Broadband > Android Wi Fi App Exposed Passwords

A popular Android app that has been downloaded by tens of thousands of Australians has been identified as being able to suck up the password of home networks direct to a master database.

Available from the Google App store the app, called WiFi Finder, works by letting users upload network passwords, so that users can then connect to nearby hotspots.

According to TechCrunch a security researcher discovered a major problem with the app that wasn’t just collecting public network information, but also data from private WiFi networks located in residential areas.

The database containing 2 million records of network passwords was completely unsecured and also included sensitive data like the network’s exact geolocation and its basic service set identifier, TechCrunch noted.

A basic service set identifier is a unique string of characters that helps identify specific access points in wireless network.

Fortunately, the contact information of network owners was not exposed as a result of the vulnerability.

TechCrunch contacted DigitalOcean, the host of the unprotected database, who has since taken it offline.