In fact, according to App Annie, SHAREit was one of the top 10 most downloaded apps in the world in 2019. The file-sharing app, which lets users exchange photos, music, videos and GIFs, in total has 1.8billion users worldwide. Google has been informed of these vulnerabilities."Īccording to the Google Play Store, the last time SHAREit was updated was on February 9, which was prior to the Trend Micro research was published. "SHAREit has over 1 billion downloads in Google Play and has been named as one of the most downloaded applications in 2019. By manipulating how apps in the Android ecosystem talk to each other, they found that the ShareIt app would share way. According to researchers, the app contains multiple unpatched vulnerabilities that hackers could abuse to run malicious code on devices where the app is installed and expose sensitive user data. Trend Micro researchers discovered this vulnerability by doing it themselves. The app has over one billion downloads on Google Play Store. While the app allows the transfer and download of various file types, such as Android Package (APK), the vulnerabilities related to these features are most likely unintended flaws. Trend Micro researchers have identified a bug in the Android file sharing app SHAREit. "In the past, vulnerabilities that can be used to download and steal files from users’ devices have also been associated with the app. They can also potentially lead to Remote Code Execution (RCE). The vulnerabilities can be abused to leak a user’s sensitive data and execute arbitrary code with SHAREit permissions by using a malicious code or app. Google could, technically, remove SHAREit from the Play Store if it is found to be compromising users’ privacy.Outlining their findings online, Trend Micro said: "We discovered several vulnerabilities in the application named SHAREit. Trend Micro also shared the findings with Google, though it is unclear what the company’s response was. ShareIt has Major Security Issues even though its one of the most popular apps in the ecosystem, boasting over a billion downloads from Googles Play Store. At this point, unless SHAREit fixes the issues, it would be best for users to delete the app and its accompanying files from their phone. However, the firm said it didn’t receive a response from the company in over three months and hence decided to disclose it on their website. The vulnerabilities were found by security firm, Trend Micro, who first reported them to the company itself. Attackers can exploit such a vulnerability to steal user data or spy on people who use such apps. It leaves them open to deletion, modification and replacement. These happen when the resources of an app are stored without proper security measures, at shared locations on the disk. SHAREit download page in Google Play Figure 2. Google has been informed of these vulnerabilities. The vulnerabilities can be abused to leak a user’s sensitive data and execute arbitrary code with SHAREit permissions by using a malicious code or app. SHAREit has over 1 billion downloads in Google Play and has been named as one of the most downloaded applications in 2019. We discovered several vulnerabilities in the application named SHAREit. The app also leaves users open to man in the desk attacks, which were first found back in 2018. Users are advised to download the latest version of the app available in Google Play Store. ShareIt has been downloaded over a billion times from the Play Store, and, according to App. Open in Photo Lab Get Photo Lab app to apply these effects to your photos. ShareIt 52 Trend Micro says it has found 'several' security flaws in the popular Android app ShareIt. Join our community and start creating your own edits. The bugs in the app could be used to run malicious code on smartphones, send unwanted commands and perform a man-in-the-middle attack, which is where attackers intercepts messages and other data by putting themselves between the victim and a server where data is being sent to.Īccording to the report, the cause of the vulnerabilities were lack of restrictions on who can access the app’s code. Thousands of combinations of top-notch photo effects, filters & face montages to garnish your photos. While file sharing has moved to the cloud for many, SHAREit remains a popular application, especially in countries like India. The vulnerabilities affected the Android version of SHAREit, which had been downloaded over a billion times across the world. Formerly Lenovo owned data sharing app, SHAREit, has multiple unpatched vulnerabilities that the app makers failed to fix for over six months, says a new report.
0 Comments
Leave a Reply. |