The Internet has become a crucial and vital part of our lives. We use it to connect with our friends. We use it to work and share media files. We also use it for entertainment. Unfortunately, it’s not free. We need to pay good money for a reliable Internet connection. So, it is no surprise why many of us often look for free WiFi spots to be able to move on with our day-to-day activities.
But since free WiFi spots are rare, we use apps that help us find free WiFi networks nearby. One popular app is WiFi Finder.
The WiFi Finder App
WiFi Finder is a free app that helps you stay online all the time. It has been downloaded by about 100,000 users because it can identify free and secure WiFi spots around you. Since it was launched, it has collected a large number of WiFi passwords, which have all been contributed by its users.
Knowing what WiFi Finder can do, you might be tempted to install and use it. However, we suggest that you think again. According to recent reports, this Android app has leaked 2 million private WiFi passwords online.
This app of Chinese origin is said to ask users to upload network and WiFi passwords before they can become part of the WiFi community.
It was Sanyam Jain of the GDI Foundation who first reported on this incident. He said that the database of this app with millions of passwords has been left exposed and unprotected. This means anyone could freely access and download them in bulk.
2 Million Private WiFi Passwords Leaked
Although the exposed database did not include any personal contact information, it contained the names of millions of WiFi networks, their exact locations, and their passwords saved in plain text.
This may not sound alarming at first, but when you look at the bigger picture, you will soon realize what’s at stake. For advanced computer users, especially hackers, all this data is more than enough to help them gain access to a computer and retrieve whatever information they can find there.
An attacker, after gaining complete access to a certain network, may modify the network’s router settings. After that, they can lure the users into going to malicious websites. They can also scan all unencrypted traffic in the network and steal personal information, passwords, and other sensitive data.
The Real Problem
Apparently, these 2 million passwords leaked by the WiFi Finder app suggest three things. First, users are inadvertently uploading their private WiFi network passwords not knowing the risks involved. Second, the app’s developers have failed to secure the database. Third, the developers also failed to observe and follow the basic internet security rules, such as not storing unencrypted passwords.
It is worth noting, though, that even if there is a possibility of an attack here, there is no evidence yet of any problems that resulted from the database leakage. After the issue was identified, the database of the app was taken offline. The cloud hosting provider of WiFi Finder decided to do so after TechCrunch did not receive any response from the developer within a two-week period.
What You Should Do
If you have not yet downloaded and installed the WiFi Finder app, then good for you. There is nothing much you should be concerned about. If you have, change your WiFi password as soon as you can.
After changing your WiFi password, we suggest that you download and install a reliable Mac repair tool. Although not necessary, having this tool on your Mac can help fix any potential problem that may be triggered by the installation of the WiFi Finder app.
5 Ways to Secure Your WiFi Network
To prevent any possibility of an attack, here are some easy ways to secure your wireless network connection:
1. Access the Admin Panel via the Ethernet.
You can easily log into your router’s admin panel by going to your web browser, typing your IP address, and providing your administrator credentials. Though there is nothing wrong with this, it pays to take preventive measures.
When logging into your admin panel over a wireless network, all the information you provide is sent online, which means there is potential for interception. By logging in to your admin panel via the Ethernet, you can reduce the risks.
2. Change Your Default Admin Password.
Your router usually comes with a default username and password. It is the information that you will use to set up your router for the first time. After you have configured your router, change your admin login credentials. Don’t worry because you can always revert to the default login details when you reset your router to its factory settings.
3. Change Your Default SSID.
Aside from changing your default administrator password, you should also change your router’s SSID. It is the public name that appears when searching for WiFi networks within your range.
More often than not, routers have default SSIDs that are named after the provider’s name or the router’s model. Make sure you change them so that others will have a hard time identifying your network.
4. Encrypt Your Router with WPA2 and AES.
Routers have this handy feature called encryption. Although there’s nothing wrong with not using it, neglecting to use it can put your information at risk. Everything you do online can be seen or heard by anyone who cares enough to do so.
5. Activate Your Router Firewall.
A firewall carefully checks any incoming network data and screens anything that it deems unsafe. Make sure you enable it to ensure nothing suspicious comes through.
The Bottom Line
Let this incident serve as a warning for you to never download apps from unknown or untrusted developers. Most importantly, do not ever share your WiFi credentials with anyone, unless you want your network to be accessed.
Did you install the WiFi Finder app? If you did, what actions did you take to prevent any possible attack? Share your thoughts with us below!