Trend Micro has published a report highlighting several serious vulnerabilities in the popular Android SHAREit file sharing application.
This solution allows users to share files with friends or transfer files between personal devices, and according to official statistics, it has been downloaded over 1,000,000,000 times.According to the researchers, bugs in the application can be used to run malicious code on users’ smartphones.
In addition, the application was found to be vulnerable to Man-in-the-Disk attacks, first described by Check Point experts in 2018. This problem lies in the fact that many applications can use external storage, sharing space with other applications. As a result, data can be deleted, edited or altered by intruders.
Unfortunately, all of these SHAREit issues have not been fixed yet because Trend Micro was unable to contact the application developers.
The report emphasizes that the issues do not pose a threat to the iOS version of SHAREit, as this version of the app builds and runs on a different codebase.
Recommendations:
Security should be a top consideration for application developers, enterprises and users. To use the mobile app safely, Trend Micro recommends installing regular updates and patching mobile operating systems and the app itself. Users should also be aware of issues by reading reviews and articles about downloadable applications.
Let me remind you that the ransomware masked itself as a beta version of Cyberpunk 2077 for Android.