Tens of thousands of users of the password manager called Password Cloud – both free and paid versions are at risk of having their secret information leaked. Due to a number of serious flaws in the app’s design and implementation, it is easy for a potential attacker to reach the credentials, credit cards, contacts or images stored on the user’s device.
We reported our findings to the app’s developer in June 2018.
The Password Cloud app which is intended to store its clients’ ultra-sensitive information utilizes AES 265-bit encryption, which is considered standard technology for such applications. However, it is possible for an attacker to retrieve any information stored in this app, including the password securing the app itself.
There are two fundamental security issues with the Password Cloud application.
First, it outputs almost all entered sensitive information to the system log (they are logged right from the user’s input), making those “secrets” easily available.
Second, the key to decrypt the database with passwords is hardcoded in the app – and to top this off, the app creates a copy of the database on external storage.
Once the user creates their very first password to access the app, this password would be leaked in a system message which can be viewed “as plaintext” via logcat
If a wrong password is entered in the authentication process, the correct password is output to the particular system log message.
As a result, anyone who can access the system log and read its contents can take over the password manager. For Android versions lower than 4.1, all apps installed on the same device, even without root permission, can read all these logs and filter them for sensitive information. For Android 4.1 and above, apps need elevated privileges to be allowed to read logs.
Particular “secrets” (credentials, contacts, credit cards, secret codes, media files etc.) also can be leaked via the same mechanism. After the user inputs a new “secret” into the app, it creates a log entry from which, again, the “secret” can be easily retrieved.
The passwords – both original passwords and the master password” that allows access to them– are stored in an encrypted database. This database is stored in the app’s data section (/data/data/password.cloud/databases/) and is accessible only by this application. Such a design is standard; however, the app also copies this database (Password_Cloud.db and Password_Cloud_backup_RenameToUse.db) to external storage where it could be accessible to anyone.
The reason for this is unknown; probably, it is residual functionality, originally meant for testing purposes and then was overlooked during subsequent development. This bug alone would not pose any significant security risk – provided that the databases were properly encrypted. Unfortunately, that is not the case. Although the databases are encrypted, the key to decrypt them is hardcoded into the app. On top of this, the key is universal so once an attacker gets hold of the key, they can retrieve all the passwords from any user of the Password Cloud app.
Naturally, this insecurity could be misused either by an attacker with physical access or via a malware attack. Another bad security practice by the Password Cloud developers, and the most devastating one for those who would get rid of the app, is that both these poorly encrypted databases survive the removal of the app. This means that even after the user removes the Password Cloud from their device, the databases remain accessible on the external storage.
Insecure server side
We also discovered that, unfortunately, the developer’s own infrastructure is no less insecure than their password manager app. We found two severe security flaws in the Password Cloud’s backend: one allowing a Cross-Site Scripting (XSS) attacks and second allowing a Man-in-the-Middle (MitM) attacks.
The XSS flaw, widely considered one of top web app security risks, could be misused by forging the downloading link (that leads to the binary of Password Cloud), pointing the user to different software. The malicious link can be sent in mail or via social media apps.
As for the vulnerability to MitM attacks, it was introduced by wrong settings which make the app to connect to its server using unsecured HTTP connection instead of secure HTTPS protocol. In result, the attacker with access to the same network can exploit it to exchange the requested link to a malicious one.
All users of the Password Cloud application (both free and paid versions) are vulnerable. Their secrets are at risk and may even have been leaked already. We recommend to avoid this app. For all users, we recommend to uninstall the app and change all the passwords, PINs, etc. that were stored in it.
2018-06-27: First notification about security issues. No response.
2018-11-21: Second notification about security issues with a detailed report provided.
2019-02-25: Public disclosure.