SHAREit App Puts Android Users At Risk

Philip BaderVulnerabilitiesLeave a Comment

A report released this week by IT security company Trend Micro announced the discovery of several critical security vulnerabilities in a mobile app for Android devices called SHAREit. The app, which has been downloaded more than a billion times on Google Play, bills itself as the fastest cross-platform file-sharing app in the world.

Trend Micro said the vulnerabilities could allow the leak of sensitive user data and the exploitation of permissions in the app to gain full device access for remote attackers. The vulnerabilities were first reported to the app developer three months ago, according to the report, but have still not been patched.

News about the SHAREit app vulnerabilities follows an earlier report about another popular Android app called Barcode Scanner. A recent update to the app delivered malware that uses the designated mobile web browser on users’ phones to deliver out-of-app advertisements. Prior to the update late last year, the app functioned without incident and was well-reviewed.

Specifics about SHAREit Vulnerabilities

Researchers at Trend Micro found a problem with a broadcast component in the app. Using purpose-built code, researchers found this component, along with other irregularities in the storage area root path, could result in remote access to private app functions and the ability of any third party to “again temporary read/write access” and “overwrite existing files in the SHAREit app.”

These vulnerabilities could also be manipulated to allow the download and installation of any Android application package, or APK. This could lead to potential man-in-the-middle or man-in-the-disk attacks. These exploits allow remote attackers to intercept data that moves between the app and an Android device’s external storage and replace it.

Trend Micro further notes that SHAREit is also a gaming platform. Users of the app can download other gaming apps. But these are not limited only to official Google Play apps. They include third-party vendors, whose apps would not be subject to the same security measures Google enacts for its Play store apps.

A ‘Security Nightmare’

As a recent analysis of the Trend Micro report noted, part of the problem with the SHAREit app is the broad range of permissions it requests from users. The app “requests access to the entire user storage and all media, the camera and microphone, and location. It can also delete apps, run at startup, create accounts and set passwords,” according to the analysis.

While the SHAREit app continues to advertise as a file-sharing platform with unrivaled transfer speeds, that is clearly not the main priority. The description on Google Play includes “Infinite Online Videos,” “Discover Trending Music,” and “GIFs, Wallpapers & Stickers” among its many inducements to potential users.

Trend Micro’s discoveries have been submitted to SHAREit’s developer, but no action has subsequently been taken. “We decided to disclose our research three months after reporting this since many users might be affected by this attack because the attacker can steal sensitive data and do anything with the apps’ permissions. It is also not easily detected,” the report said.

Next Steps

Given that no response from the SHAREit developer has yet been received to the raising of serious security vulnerabilities, it’s probably wise to delete the app from your Android device if you have it installed. It’s part of good digital hygiene to review the apps you currently have installed to eliminate those that you don’t use frequently.

More importantly, make sure you examine the permissions required of apps before you download them. Google Play includes a link to permissions information, and you can easily review how intrusive or free-ranging an app’s requirements are before committing to a download.

SecureData has provided its customers innovative solutions for their data security needs for more than a decade. Our comprehensive approach to data security covers industry-leading hardware-encrypted data storage devices, remote drive management and cloud storage capabilities, as well as cutting-edge data recovery and file repair software options for any kind of data loss scenario.

Call us at 1-800-520-1677 to speak to one of our data security experts and learn more about how to keep your data protected.