Google ships WannaCrypt for Android, disguised as Samba app

Who thought SMBv1 was a good idea? Come on, fess up

[Not that kind of Samba – ed.]

Perhaps noticing the popularity of Samba apps for Android, Google's decided to plant its own flag in the space, and yesterday released its official Android Samba Client.

It landed on Google Play here, and almost immediately users noticed something worrying. It only supports SMBv1 shares.

SMBv1 is known to be exploitable (WannaCrypt and NotPetya both leveraged insecure SMBv1 shares to infect vulnerable Windows machines).

Last year, Redmond's Ned Pyle put it simply: Stop using SMBv1.

This made Google's decision so odd, The Register wondered if the app were faking the Google brand, but no: the source code linked from the app is at the Chocolate Factory's GitHub repo.

Android Police spotted the app but didn't notice the feature straight away. However, when someone pointed it out, AP's Corbin Davenport tested it against an SMBv2-only environment: “I'll disable SMBv1 on my home server and try to connect to it again. Edit: Nope, it doesn't connect. Ugh.”

Ugh, indeed. ?


Biting the hand that feeds IT ? 1998–2017

  • 1015111305 2018-02-19
  • 6607141304 2018-02-19
  • 5587621303 2018-02-19
  • 6265761302 2018-02-19
  • 6666351301 2018-02-19
  • 3788381300 2018-02-19
  • 9596221299 2018-02-19
  • 1153531298 2018-02-19
  • 8253311297 2018-02-19
  • 1614291296 2018-02-19
  • 107351295 2018-02-18
  • 9487041294 2018-02-18
  • 7763841293 2018-02-18
  • 5836761292 2018-02-18
  • 615581291 2018-02-18
  • 5081161290 2018-02-18
  • 321961289 2018-02-18
  • 776731288 2018-02-18
  • 9075261287 2018-02-18
  • 3005511286 2018-02-18