Over two million passwords has been exposed by Wi-Fi-Hotspot Finder app

Android app used for finding nearby Wi-Fi hotspots has uncovered over two million wireless networks. The app allows users to locate nearby public Wi-Fi hotspots so they can save their precious mobile data.

Users can also upload their own Wi-Fi passwords to the app’s database to share their network with others. It appears that over two million Wi-Fi network passwords were stored in plain text on a server, letting anyone download the database.

An Android app based in China had collected more than two million Wi-Fi passwords from users across the globe. The app called ‘WiFi Finder’ has over 100,000 users, according to its listing on the Google Play Store.

This database of Wi-Fi networks includes the network name, geolocation data, and passwords stored in plain text, apart from other details.

WiFi Hotspot Finder claims to offer public Wi-Fi hotspot details to its users, but it seems like the app has also been collecting passwords to home networks in residential areas.

The app lists hundreds of Indian personal Wi-Fi networks as well. One can easily navigate across a map and locate Wi-Fi networks with passwords presented in plain text. The owner of the Wi-Fi network doesn’t need to grant users any additional permissions. It’s likely that all these users uploaded their private Wi-Fi networks via the app.

If someone gets access to your network, they can easily modify your router’s settings, read unencrypted traffic on your network, switch DNS servers, and more.