ES File Explorer is an app that allows you to browse your android mobile phones or tablets when looking for a specific file, document etc. According to its claim, over 500 million users have downloaded it since 2014, making it one of the most used apps of all times.
A French cyber security researcher, Baptiste Robert, has exposed the app saying that the app is making devices data unsafe. A web server is being run in the background of the device. This could make the Android device easier to be attacked and increase the chances of data theft.
Robert revealed this news in several tweets warning users about the issue. He explained how writing a simple code can aid in extracting files from other devices. This allows to get data even from the memory card and also lets you launch an app on the victim’s device.
On the other hand, ES File Explorer has remained silent on this issue even after being contacted.
The devices cannot be exploited by anyone, rather they have to be on the same network. Meaning, the victim and exploiter have to be using the same WiFi when using the script to attack the device. Another way is that some malicious app could make devices vulnerable and users of ES File Explorer can be attacked.
This has proved to an alarming situation for many Android users who have downloaded the app.
Read Next: Two Factor Authentication Still Hackable Says Knowbe4 Chief Security Officer
A French cyber security researcher, Baptiste Robert, has exposed the app saying that the app is making devices data unsafe. A web server is being run in the background of the device. This could make the Android device easier to be attacked and increase the chances of data theft.
Robert revealed this news in several tweets warning users about the issue. He explained how writing a simple code can aid in extracting files from other devices. This allows to get data even from the memory card and also lets you launch an app on the victim’s device.
On the other hand, ES File Explorer has remained silent on this issue even after being contacted.
The devices cannot be exploited by anyone, rather they have to be on the same network. Meaning, the victim and exploiter have to be using the same WiFi when using the script to attack the device. Another way is that some malicious app could make devices vulnerable and users of ES File Explorer can be attacked.
This has proved to an alarming situation for many Android users who have downloaded the app.
Read Next: Two Factor Authentication Still Hackable Says Knowbe4 Chief Security Officer
