Why is one of the most popular Android apps running a hidden web server in the background?
ES File Explorer claims it has over 500 million downloads under its belt since 2014, making it one of the most used apps to date. Its simplicity makes it what it is: a simple file explorer that lets you browse through your Android phone or tablet’s file system for files, data, documents and more.
But behind the scenes, the app is running a slimmed-down web server on the device. In doing so, it opens up the entire Android device to a whole host of attacks — including data theft.
The obvious caveat is that the chances of exploitation are slim, given that this isn’t an attack that anyone on the internet can perform. Any would-be attacker has to be on the same network as the victim. Typically that would mean the same Wi-Fi network. But that also means that any malicious app on any device on the network that knows how to exploit the vulnerability could pull data from a device running ES File Explorer and send it along to another server, so long as it has network permissions.
Source: Researcher shows how popular app ES File Explorer exposes Android device data
More info: Here's why we're removing ES File Explorer from our best apps lists | AndroidPIT
Other option: MiXplorer