
Who else is watching your flightpath?


Liarna La Porta

For flying enthusiasts and trainee pilots, SkyDemon is a popular solution that offers VFR flight planning and in-flight navigation. But Wandera's researchers have found that the app and its website may be exposing users' data to theft.

Although the audience for this kind of software is fairly niche, the SkyDemon app has reached a significant install base, with up to 50,000 downloads.



How does it work?

Wandera researchers have discovered that the mobile application talks to its backend in plain text, with no transport encryption. The only parameter that receives any protection is the password, and only during the login procedure: the client hashes it with SHA1 and then base64-encodes the digest before sending it.

Unfortunately this is a poor means of protection, even though the plain-text password itself is never sent. The hash is derived from the password alone, with no salt and no per-session value, so it is effectively a password-equivalent: the login procedure is susceptible to a “pass the hash” (replay) attack, in which whoever captures the hashed value can authenticate to the backend simply by resending it, without ever needing the associated plaintext password. Worse, unsalted SHA1 is fast to compute, so an observer holding the captured value can also run a wordlist against it offline and recover the original password if it is a common one, which matters wherever that password has been reused.
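The following is an added example, not code from the advisory or from SkyDemon, that models the scheme described above: it reproduces the SHA1-then-base64 transform, shows that a request captured off the wire authenticates when replayed, shows that a short wordlist recovers the plaintext from the unsalted hash, and contrasts this with a per-login nonce scheme where a captured response cannot be reused. The backend classes, user name and password are constructed for the demonstration; nothing here is SkyDemon's actual backend logic.

```python
import base64
import hashlib
import hmac
import secrets
from typing import Optional

# Constructed sample credentials for the demonstration (not taken from the advisory).
USERNAME = "pilot@example.com"
PASSWORD = "cessna172"


def client_token(password: str) -> str:
    """The transform the advisory describes: SHA1 of the password, base64 encoded."""
    digest = hashlib.sha1(password.encode("utf-8")).digest()
    return base64.b64encode(digest).decode("ascii")


def build_login_request(username: str, password: str) -> dict:
    """What an observer sees on the wire: username in the clear plus the token."""
    return {"username": username, "password": client_token(password)}


class WeakBackend:
    """Hypothetical backend that accepts the bare token as the credential."""

    def __init__(self) -> None:
        self.users = {USERNAME: client_token(PASSWORD)}

    def login(self, username: str, token: str) -> bool:
        stored = self.users.get(username)
        return stored is not None and hmac.compare_digest(stored, token)


def replay_captured_request(captured: dict, backend: WeakBackend) -> bool:
    """Pass-the-hash: resend the captured fields without knowing the password."""
    return backend.login(captured["username"], captured["password"])


def crack_token(token: str, wordlist) -> Optional[str]:
    """Unsalted SHA1 is a fixed function of the password, so a wordlist recovers it."""
    for candidate in wordlist:
        if hmac.compare_digest(client_token(candidate), token):
            return candidate
    return None


def derive_key(password: str, salt: bytes, iterations: int) -> bytes:
    """Salted, iterated derivation (PBKDF2) instead of a bare SHA1."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


class ChallengeBackend:
    """Hardened variant: the server issues a fresh nonce per login and the client
    answers with HMAC(key, nonce), so a captured response is single-use. This is
    a replay fix only; TLS is still required, since an observer of (salt, nonce,
    response) can still guess passwords offline, merely slowed down by PBKDF2."""

    ITERATIONS = 100_000

    def __init__(self) -> None:
        salt = secrets.token_bytes(16)
        self.users = {USERNAME: (salt, derive_key(PASSWORD, salt, self.ITERATIONS))}
        self.pending = {}

    def challenge(self, username: str):
        salt, _ = self.users[username]
        nonce = secrets.token_bytes(16)
        self.pending[username] = nonce
        return salt, nonce

    def login(self, username: str, response: str) -> bool:
        nonce = self.pending.pop(username, None)  # consumed: a second use fails
        if nonce is None:
            return False
        _, key = self.users[username]
        expected = hmac.new(key, nonce, hashlib.sha256).hexdigest()
        return hmac.compare_digest(expected, response)


def challenge_response(backend: ChallengeBackend, username: str, password: str) -> str:
    """Client side of the hardened exchange."""
    salt, nonce = backend.challenge(username)
    key = derive_key(password, salt, backend.ITERATIONS)
    return hmac.new(key, nonce, hashlib.sha256).hexdigest()


def demo() -> dict:
    weak = WeakBackend()
    captured = build_login_request(USERNAME, PASSWORD)  # as sniffed off the wire
    results = {
        "token": captured["password"],
        "replay_succeeds": replay_captured_request(captured, weak),
        "cracked": crack_token(captured["password"], ["piper", "cessna172", "bonanza"]),
    }
    hardened = ChallengeBackend()
    response = challenge_response(hardened, USERNAME, PASSWORD)
    results["first_login"] = hardened.login(USERNAME, response)
    results["replay_rejected"] = not hardened.login(USERNAME, response)
    return results


if __name__ == "__main__":
    print(demo())
```

Running `demo()` shows the captured token both replays successfully and cracks with a three-word list against the weak backend, while the same captured-and-resent response is rejected by the nonce-based backend. The nonce scheme is shown only to make the replay property concrete; the actual remediation for a plain-text app is transport encryption plus salted, slow hashing on the server.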

Because the traffic is unencrypted, anyone positioned to observe it can capture these credentials and use them to track and spy on the user.

Logged in as the victim, an attacker gains further sensitive information such as flight plans, aircraft model and registration details, and even behavioural patterns like favourite destinations. All of this flight-related information comes on top of the personal information already exposed on the wire.


What’s being exposed?

The following personally identifiable information (PII) is exposed during the login procedure on the mobile application:

  • Username
  • Base64 encoded SHA1 Password

The following PII is exposed during the “Password Reset” functionality on the mobile application:

  • E-mail

The following PII is exposed when a user requests a free trial through the website:

  • E-mail
  • First, Last Name
  • Country

What can you do?

Businesses should deploy an active mobile security service. MDMs can restrict access to certain apps but cannot limit access to websites; the filtering and blocking should therefore happen at the data (traffic) level, so that connections to both leaky apps and vulnerable websites can be blocked. Users of the app should also avoid reusing their SkyDemon password elsewhere, since a captured unsalted hash can be cracked offline.



Liarna La Porta

Liarna La Porta leads content marketing at Wandera. As Editor of Wandera's blog, Liarna keeps the content ticking that makes Wandera a reliable news source for mobile security professionals. Her passion for helping tech start-ups in all aspects of marketing and PR is reflected in the expert industry coverage she provides. An Australian adventurist at heart, Liarna has been in the marketing and PR industry for over six years, working from Melbourne, Sydney, London and San Francisco, soaking up the expertise required for her global role at Wandera.
