AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Trend micro android shareit play1/10/2023 The Android package name is still "," but Lenovo appears to have stopped supporting the app in 2017 (opens in new tab).Ī Lenovo security advisory from 2016 (opens in new tab) cited security issues with SHAREit, stating that "users with older Android versions may be vulnerable to remote code execution, or a UXSS attack and users with any Android version may be vulnerable to an intent scheme attack." Interestingly, SHAREit seems to have begun life as a Lenovo app pre-installed on Windows laptops and Lenovo phones. It'll catch almost everything that rogue apps will try to install. You'll also want to be running one of the best Android antivirus apps. Turn off that permission for every app but Google Play. To make sure you're safe from SHAREit flaws and similar attacks, go into Settings > Apps > Special app access > Install unknown apps and see how many apps have the power to install other apps on their own. Trend Micro's team showed they could install a malicious version of Twitter using this process. SHAREit saves downloaded games into an unprotected directory that any other Android app can access and write to. But it's possible the attack might work in other Android browsers. Trend Micro tried that out and found that the attack didn't work in Google Chrome because the browser detected suspicious behavior. But because the connection to SHAREit's app store is not secure, it would be trivial for an attacker to stage a man-in-the-middle attack to inject malicious code into the connection and redirect the link so that your phone downloads malware.Ī malicious link could even be embedded in a website. The SHAREit app can directly download and install games from its own app store, outside the Google Play store. "They can also potentially lead to Remote Code Execution (RCE)." "The vulnerabilities can be abused to leak a user's sensitive data and execute arbitrary code with SHAREit permissions by using a malicious code or app," said the Trend Micro report. But because SHAREit lets users send Android app installers to each other, an attacker might find that easy to achieve. The flaws in SHAREit would have to be leveraged by a malicious app or rogue code that was already installed on the Android device, the report said. The page currently states the last update was on Feb. Google could, technically, remove SHAREit from the Play Store if it is found to be compromising users’ privacy.Trend Micro showed a screenshot of the app's Google Play page, which indicated the last update then had been made on Jan. Trend Micro also shared the findings with Google, though it is unclear what the company’s response was. At this point, unless SHAREit fixes the issues, it would be best for users to delete the app and its accompanying files from their phone. However, the firm said it didn’t receive a response from the company in over three months and hence decided to disclose it on their website. The vulnerabilities were found by security firm, Trend Micro, who first reported them to the company itself. Attackers can exploit such a vulnerability to steal user data or spy on people who use such apps. It leaves them open to deletion, modification and replacement. These happen when the resources of an app are stored without proper security measures, at shared locations on the disk. The app also leaves users open to man in the desk attacks, which were first found back in 2018. The bugs in the app could be used to run malicious code on smartphones, send unwanted commands and perform a man-in-the-middle attack, which is where attackers intercepts messages and other data by putting themselves between the victim and a server where data is being sent to.Īccording to the report, the cause of the vulnerabilities were lack of restrictions on who can access the app’s code. While file sharing has moved to the cloud for many, SHAREit remains a popular application, especially in countries like India. The vulnerabilities affected the Android version of SHAREit, which had been downloaded over a billion times across the world. Formerly Lenovo owned data sharing app, SHAREit, has multiple unpatched vulnerabilities that the app makers failed to fix for over six months, says a new report.
0 Comments
Read More
Leave a Reply. |