SHAREit has not responded to the publication even after three months of the vulnerabilities being spotted. Researchers at Trend Micro even mimicked a hack, after which the publication informed SHAREit about the vulnerability. This is because when a user downloads the app in the download center, it goes to an external directory, which means any app can access it with SDcard write permission. SHAREit is also susceptible to a man-in-the-disk (MITD) attack, the report said. This can also be used to install a malicious app on an infected smartphone. Hackers can also install third-party apps secretly on a phone due to these flaws in ShareIt. Further, it said that files in a specific folder can be freely accessed by anyone as the developer has specified a wide storage area root path. They said that these flaws can allow any third party entity to gain temporary read/write access to the data of the content provider. Folks at Trend Micro also delved into the code of SHAREit’s Android app to find the vulnerabilities. This comes at a time when SHAREit is facing a ban in the US over security concerns of US citizens.Īccording to a report in a website named Trend Micro, Google has been informed about the vulnerabilities. SHAREit has more than 1 billion downloads on the Google Play Store and was also named as one of the most downloaded app of 2019. According to a recent report, the vulnerability in SHAREit allowed attackers to leak a user’s sensitive information, execute an arbitrary code remotely, read or overwrite the app’s local files, and even allow for third-party APKs to be installed. Popular file-sharing app SHAREit has been found to have security flaws that are making users vulnerable to online attacks.
0 Comments
Leave a Reply. |