Furthermore, the research team decided to delay news of their findings, possibly to protect the public. The app maker has not responded to the research team in the meantime. The now ongoing SHAREit flaw contains the following elements This is not the first time SHAREit has faced such vulnerabilities, as user files were shown to be at risk of theft and misuse in February 2019 (version 4.0.38). A vulnerability that may lead to Remote Code Execution (RCE).A vulnerability that can lead to user data leakage and code execution via SHAREit permissions.The app is connecting to risky third-party sources.Singapore-based developer Smart Media4U Technology PTE. LTD., have as of yet not officially patched SHAREit, despite being aware of the issue. SHAREit update version history does not show the issue as being addressed. These vulnerabilities can be exploited by cybercriminals with the use of ‘malicious’ software or code. Cybercriminals can exploit RCE bugs to extract user data by ‘tricking’ the app. The ability to launch a man-in-the-disk ( MiTD) attack is also possible due to the above flaws. TREND MICRO SHAREIT 1B FULLĪnother vulnerability is that the compromised app allows third parties full control and a backdoor into storage shared by other apps on Android devices, effectively putting the user’s personal data at risk. Interestingly, Google is still hosting the app on their Play Store. App maker Softonic has also not posted any information regarding the vulnerability on their website, the Google Play Store, or Twitter. There is an active Reddit discussion regarding the SHAREit case. Researchers at Trend Micro have released their Proof-of-Concept (POC) data, and as such SHAREit has been deemed no longer safe to use. Safety RecommendationsĬybersecurity issues on the Android platform are certainly not a new occurrence. TREND MICRO SHAREIT 1B SOFTWAREĪndroid is by far the most popular mobile OS out there, and due to its far-reaching use, distribution, and extremely high number of global users, security threats and software vulnerabilities are very common.Cybersecurity experts have discovered a popular Android app riddled with vulnerabilities has been download one billion times. SHAREit is used to share files between Android users and devices.Īn attacker can exploit the permissions on SHAREit mobile app to leak sensitive data and remotely execute malicious code. Where to get your Mobile Security for Android activation keySHAREit is owned by Smart Media4U Technology Pte.Devices your Trend Micro license can protect.Click the image below to download Trend Micro from Play Store.Sign In to Use Existing License (log in with your Trend Micro Account).Use an Activation Code ( locate my code/key).You can purchase a subscription or use your existing license:.At the lower-right corner, tap Buy / Activate.Read the Privacy and Personal Data Collection Disclosure, tap ‘ I agree to share user usage data to help improve this app’, then tap Accept and Continue.Wait for the installation to finish, then tap Open.In the Search field, type Trend Micro Mobile Security, then tap □.On your device, open the Play Store app. Download and Install Trend Micro from the Play Store Trend Micro offers Android mobile device security and tablet security to protect yourself against malicious apps and unwanted access.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |