ES File Explorer android app snoops data to China Unicom network via insecure HTTP

fulldisclosure logo
Full Disclosure
mailing list archives

ES File Explorer android app snoops data to China Unicom network via insecure HTTP


From: seclists () email tg

Date: Sun, 30 Apr 2017 16:07:26 +0000


Hi,

With the ES File Explorer android app (https://play.google.com/store/apps/details?id=com.estrongs.android.pop 
(https://play.google.com/store/apps/details?id=com.estrongs.android.pop)) installed on my phone, when I monitored the 
network connections on my phone via the Network Connections app 
(https://play.google.com/store/apps/details?id=com.antispycell.connmonitor 
(https://play.google.com/store/apps/details?id=com.antispycell.connmonitor)), I found that it frequently transferred 
data to an IP address (123.125.114.8) on the Chinese state owned China Unicom network 
(https://www.whois.com/whois/123.125.114.8 (https://www.whois.com/whois/123.125.114.8)) via insecure HTTP connection. 
This is a privacy risk, as anyone can monitor the data exchanged over this unencrypted link & also constant data 
exchange with this IP address raises spying concerns. 

Attached is a screenshot of the Network Connections app showing the insecure HTTP connection used by the ES File 
Explorer app.

Thanks.


_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

  By Date  
     
  By Thread  

Current thread:

  • ES File Explorer android app snoops data to China Unicom network via insecure HTTP seclists (May 04)

Source: Full Disclosure @ May 4, 2017 at 03:48PM

0
Share