The SHAREit file sharing app for Android has a lack of remote code

Application security, fraud management and cybercrime, fraud risk management

Trend Micro: Users face the risk of data theft

Akshaya Asokan (COM)asokan_akshaya) •
February 17, 2021

SHAREit Enter the Android application on Google Play

A remote code vulnerability in the Android version of the SHAREit file-sharing app could allow hackers to interfere with app permissions, allowing them to steal sensitive data, a security firm Reports Trend Micro.

See also: On – demand webinar Cisco: A handy tool for managing your security investments

SHAREit, developed by the eponymous application manufacturer based in Serbia, is a multi-platform exchange application that has had a billion downloads on mobile phones. Trend Micro, which notified the software maker of the shortcoming three months ago, says the company has not yet responded. The Android version of the app is currently not available for download from the Google Play Store.

Application vulnerability

Trend Micro has discovered a vulnerability in the broadcast component of a file-sharing application.

Research that the researcher has shown as a concept concept has shown that attackers could exploit a vulnerability to access downloaded information. They could tamper with the app’s permissions to steal sensitive data about how the SHAREit app is used.

“Worse, the developer specified the root path of the wide storage area. In this case, all the files in / data / data / the directory is freely accessible, “the report said.

In addition, attackers can use this permission control to install the Android Package Kit, which can be used to insert a malicious application and perform man-in-the-middle attacks, Trend Micro reports.

Attackers could exploit the vulnerability in a number of ways, says Burak Agca, an engineer at security firm Lookout. “Attackers still have the opportunity for the opportunity represented by the gap between detecting vulnerabilities in applications or devices and delivering a patch to fix the problem,” Agca says. “Without mobile security, it’s not possible for organizations to close this gap.”

IT and security teams should perform a risk analysis before setting up any mobile app, Agca says. “This incident is a classic example of how a vulnerable application can lead to compromising an entire mobile device,” he says. “It could at least lead to a loss of corporate data. However, a more advanced attack could further compromise.”

Android threats

Hackers and advanced persistent threat groups are increasingly targeting Android users for cyber espionage and other malicious activities.

This month, researchers at security firm Netlab identified an undocumented botnet called “Matryosh” that targeted vulnerable Android devices to help build its network so it could carry out distributed denial-of-service attacks (see: A recently discovered botnet targets Android devices).

In December, security firm ReversingLabs identified a new variant of Iranian-APT-linked Android spyware with fresh features, including the ability to view private chats on Skype, Instagram and WhatsApp (see: Iranian spy software associated with private chats).