SHAREit Security Flaw Can Expose Sensitive Data
According to a report by Trend Micro, SHAREit is a kind of app that requires the user to give permissions to several data and sensors on a smartphone. As a result, the app, as per the report, has access to a user’s entire storage including personal files, media, and other documents. It can even access your smartphone’s camera and microphone, create accounts, and set passwords. Due to this long list of granted-permissions, SHAREit has access to almost your entire smartphone and the things that you store in it. So, the report states that using one of the many vulnerabilities in the app, an attacker could essentially take over your entire device and run malicious code remotely. Now, although the vulnerabilities exist in the app, the developers have done nothing to rectify them. In fact, they did not even think to limit SHAREit’s content-provider capabilities which is one of the sole factors that can give attackers access to the app’s “private” directory. As per the report, “the developer behind this disabled the exported attribute via android:exported=”false”, but enabled the android:grantUriPermissions=”true” attribute. This indicates that any third-party entity can still gain temporary read/write access to the content provider’s data.” So, an attacker can simply call on the app’s content-provider and pass it a file path to gain access to all of its data and files. Moreover, the attacker, using this vulnerability, can switch install packages of downloaded apps with a malicious app. This way, users will download and install a malicious app on their device without even knowing.
10 Best SHAREit Alternatives
SHAREit is one of the most downloaded apps in the Play Store, boasting over 1 billion downloads. However, if you are included in that 1 billion, we would recommend you uninstall it right away. You can use various other file-sharing apps that are secure and will not compromise your files and data. So, check out our list of the 10 best SHAREit alternatives you can use.
