- Reports are circulating this week about a new Android app to be wary of – it’s called SHAREit, an app that has both an iOS and Android version, and it has been downloaded from the Google Play Store more than 1 billion times.
- Security firm Trend Micro released a report on the app citing a number of security flaws that the company says have not been patched for at least a few months.
- The security issues include the possibility that the app can be used for remote code execution, as well as leaking a user’s sensitive personal information.
If you happen to have the SHAREit app installed on your phone, you̵
Trend Micro says the vulnerabilities in the Android version of the app, which has been downloaded more than 1 billion times, “can be exploited to leak a user’s sensitive data, execute arbitrary code and possibly lead to remote code execution.” And while the issues have not been resolved at the time of writing, Google has reportedly been told about the issues. It is also important to note – none of this applies to the iOS version of the app, per Trend Micro.
Today’s top offer Amazon has Purell at the lowest price since the coronavirus pandemic first started List price:$ 55.07 Price:$ 43.00 ($ 0.30 / Fl Oz) You save:$ 12.07 (22%) Available from Amazon, BGR can receive a commission Available from Amazon BGR can receive a commission
SHAREit, which lets you share files with other users who have the same app on their phone, was named one of the most downloaded apps in 2019. Nevertheless, this new report states that the vulnerabilities discovered “can be abused to leak a user’s sensitive data and executes arbitrary code with SHAREit permissions using a malicious code or app … In the past, vulnerabilities that can be used to download and steal files from users’ devices have also been associated with the app. file types, such as Android Pack (APK), the vulnerabilities associated with these features are likely to be unintentional errors. ”
The problem is caused by a maliciously crafted app or code installed on the Android device in question, which can exploit SHAREit vulnerabilities. Included in the Trend Micro report was a screenshot of the SHAREit Google Play Store page showing a recent app update on January 26 this year. As of Tuesday, February 16, the Google Play Store page for the app shows that the app was updated on February 9.
“We decided to disclose our research three months after reporting this, as many users may be affected by this attack because the attacker could steal sensitive data,” Trend Micro’s Echo Duan and Jesse Chang wrote in their report.
Today’s top offer Special coupon cuts 20% of KN95 masks that Amazon customers are obsessed with List price:$ 26.99 Price:$ 21.59 You save:$ 5.40 (20%) Available from Amazon, BGR can receive a commission Available from Amazon BGR can receive a commission