SHAREit App Exposes Android Users to Malware and Spying

Posted on by Dawna M. Roberts in News March 02, 2021

The popular SHAREit Android app has been downloaded more than one billion times. In fact, it is one of the most popular apps on the Google Play store. However, it is full of bugs that expose users to malware and spyware

What is Going On?

SHAREit Malware

According to Threatpost, the flaws allow attackers to “hijack app features or overwrite existing files to execute malicious code, or launch man-in-the-disk (MiTD) attacks on people’s devices, researchers discovered.”

Even though researchers at Trend Micro alerted the app developer months ago about the dangerous vulnerabilities, they have yet to patch them. Trend Micro posted about this on their blog on Monday.

In their report, Trend Micro said, “We discovered several vulnerabilities in the application named SHAREit. The vulnerabilities can be abused to leak a user’s sensitive data and execute arbitrary code with SHAREit permissions by using a malicious code or app. They can also potentially lead to Remote Code Execution (RCE). In the past, vulnerabilities that can be used to download and steal files from users’ devices have also been associated with the app. While the app allows the transfer and download of various file types, such as Android Package (APK), the vulnerabilities related to these features are most likely unintended flaws.”

Anyone interested in the technical details of the flaws and the resulting exposure can read all about it here

What is the SHAREit App?

SHAREit is an Android app available on the Google Play store that allows Android users to quickly and easily share different types of files between mobile devices. It claims you can transfer photos, videos, music, and installed apps. The app also includes a built-in video and music player. It even contains GIFs, wallpaper, and stickers to boot.

However, over the past month, the internet has lit up with stories of how poorly SHAREit is coded and the numerous flaws causing all types of trouble for Android phone users. 

Tech heavy hitters like Gizmodo and ZNet have also chimed in to ring the alarm bell so that users will stop using the app until it is properly fixed. 

According to Gizmodo, SHAREit was developed by “Singapore-based developer Smart Media4U.” The trendy IT publication also claims that “Trend Micro researchers discovered this vulnerability by doing it themselves. By manipulating how apps in the Android ecosystem talk to each other, they found that the ShareIt app would share way too much information, revealing a user’s “arbitrary activities, including ShareIt’s internal (non-public) and external app activities.” In various ways, these security flaws could ultimately be “abused to leak a user’s sensitive data and execute arbitrary code with ShareIt permissions.”

How Has SHAREit Responded?

Unfortunately, even after they have received detailed information on these multiple flaws, the app developer has done nothing to patch them. All the tech publications discussing this issue raise questions about why the developer is not addressing the issues. Currently, SHAREit is receiving a lot of criticism for its handling of the situation. 

In January of 2021, the Trump administration hinted that the app was linked to Chinese hackers and blacklisted it. They implied that the app was designed to provide an avenue for data mining and access. Gizmodo mentioned that the app has been banned in India and that the primary user base stems from Africa, Asia, and the Middle East, not the U.S. 

How Can App Users Stay Safe?

This incident shows that you cannot be too careful or trust even the most popular apps. Some best practices for app use are:

  • Never download apps from untrusted sources.

  • Keep abreast of tech news and watch for reports of vulnerabilities. Delete any unpatched or flawed apps.

  • Keep your device updated with the latest OS patches and security software.

  • Install good antivirus software and run deep scans often.

  • Use common sense and if you think your device has been tampered with, consult professional technicians to clean it.

About the Author
IDStrong Logo

Related Articles

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagram’s c... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “Alien” is ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the country, ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% of the... Read More

Scan Your Records for Breaches, Leaks & Exposures!