The cybersecurity giant Trend Micro has found that the world’s No.1 file transfer App SHAREit has a backdoor where a hacker can easily access files or install malicious apps on user’s devices. If you are using it, uninstall it right away. This file-sharing app can leak a user’s sensitive data and can also exhibit arbitrary code with SHAREit permission.
As per a report by Trend Micro, SHAREit asks for many permission on Android to provide its full features. Upon getting access to the permission, share it will have access to storage and also has access to all media including camera access, microphone, location info and many more. It can even delete other apps, run at startup, create accounts, and set passwords. Due to this list of permissions, attackers gain almost complete access to your phone and all your sensitive data. It also lets attackers enforce malicious code remotely.
Source: Trend Micro
Trend Micro claims that an attacker may compose a fake app file, therefore replace those files via the previous vulnerability to perform code execution. However, the developers behind Shareit haven’t given much thought to limit the app’s content-provider capabilities, which can give attackers access to all files in SHAREit’s private directory
Trend Micro has already revealed the vulnerabilities to SHAREit, but its developers haven’t released any update to address the issues so far. We will recommend uninstalling the app until the developers issue a fix. Until then, you can use Google’s Files app or NearBy app for file-sharing.
Source : XDA
More than 500 million Facebook users’ phone numbers are for sale
Follow us on Twitter and Telegram.
