Hotspot Finder App Blabs 2 Million Wi-Fi Network Passwords
(Apr 23, 2019)
Security researcher, Sanyam Jain, discovered that the popular WiFi finding application, "WiFi Finder," was leaking users' information due to an insecured database. The database stored users' network passwords and geolocation data, although no user contact information was accessible. Over two million passwords were discovered on this unprotected database, though it is unclear whether it was accessed by unauthorised users or not. The security researchers were unable to contact the developer of the application, however, the database was pulled offline after communication with the host.
Recommendation: Databases should not be directly accessible over, or connected to the internet. Protect these services with authentication, do not allow guest or anonymous login. For web applications that are accessing database data, make sure all user-supplied data is sanitized to prevent SQL injections. Actors can use this information to coerce more personal data from the victim.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.