Android Wi Fi App Exposed Passwords
A popular Android app that has been downloaded by tens of thousands of Australians has been identified as being able to suck up the password of home networks direct to a master database.
According to TechCrunch a security researcher discovered a major problem with the app that wasn’t just collecting public network information, but also data from private WiFi networks located in residential areas.
The database containing 2 million records of network passwords was completely unsecured and also included sensitive data like the network’s exact geolocation and its basic service set identifier, TechCrunch noted.
A basic service set identifier is a unique string of characters that helps identify specific access points in wireless network.
Fortunately, the contact information of network owners was not exposed as a result of the vulnerability.
TechCrunch contacted DigitalOcean, the host of the unprotected database, who has since taken it offline.