AirDroid patches a contact card vulnerability that could let attackers steal your phone's data
The malware sneaks in malicious code when contact information is sent through SMS, instant messages, or email.
AirDroid is the latest target in the never-ending battle against Android malware. The popular desktop-to-mobile syncing tool recently patched a phone data hijack and malicious code execution scheme, originally uncovered by security firm Check Point.
The attack works by sending a message with nefarious code hiding inside of a contact card (vCard). The attacker can then execute the code and steal data if the receiver opens the card accessed via AirDroid.
After Check Point alerted AirDroid to the issue, the AirDroid team pushed out version 3.2 of the its Android app, which repairs the breach. Along with ensuring that the desktop software is up to date, you should also check that you have the latest build of AirDroid from the Google Play Store.
Why this matters: Sometimes the danger is overblown, but the security situation on Android is worth paying attention to. Android’s open nature makes it susceptible to a number of attacks, although Google and other top OEMs have stepped up their game by offering monthly security updates. There’s no need to go back to pencil and paper, but it’s a good practice to be aware of the latest threats.
For comprehensive coverage of the Android ecosystem, visit Greenbot.com.