SHAREit App Vulnerability Puts Public at Risk

SHAREit app open on Android phone on desk

Because of the way the digital marketplace is structured in this day and age, there are multiple (at times even surprisingly unprotected) paths via which cyber attackers can devise cunning disruptions to public cybersecurity. For these perpetrators of cybercrime, there are now more digital channels than ever to conduct heinous attacks on everyone from regular citizens to the largest corporations.

In an ongoing issue revealed to the public on Monday by Trend Micro, the latest information suggests that one of the most downloaded apps on the Google Play Store, SHAREit, is in big trouble due to major security vulnerabilities. It wouldn’t be the first time that both the Android OS and the Google Play Store have run into trouble, either.

What is SHAREit?

SHAREit is a multi-purpose cross-platform sharing app that promises “high transfer speeds & free online feeds“. It is developed and distributed by Barcelona-based Softonic. Information on their website states that they are the global leader in software and app discovery. Their SHAREit app claims to be the “fastest in the world” with the ability to “transfer all types of files” with an included “powerful” media player. SHAREit brings in over 1 billion installations and hosts hundreds of millions of active users.

Details About The SHAREit Case

Mobile cybersecurity researchers Jesse Chan and Echo Duan of Trend Micro warned of a serious vulnerability within the SHAREit app.

Apparently, researchers were aware of the vulnerability for months and have relayed it to the app maker Softonic and Google. Furthermore, the research team decided to delay news of their findings, possibly to protect the public. The app maker has not responded to the research team in the meantime.

This is not the first time SHAREit has faced such vulnerabilities, as user files were shown to be at risk of theft and misuse in February 2019 (version 4.0.38). The now ongoing SHAREit flaw contains the following elements;

  • A vulnerability that may lead to Remote Code Execution (RCE)
  • A vulnerability that can lead to user data leakage and code execution via SHAREit permissions
  • The app is connecting to risky third-party sources

Singapore-based developer Smart Media4U Technology PTE. LTD., have as of yet not officially patched SHAREit, despite being aware of the issue. SHAREit update version history does not show the issue as being addressed.

Implications of The Vulnerability

These vulnerabilities can be exploited by cybercriminals with the use of ‘malicious’ software or code. Cybercriminals can exploit RCE bugs to extract user data by ‘tricking’ the app. The ability to launch a man-in-the-disk (MiTD) attack is also possible due to the above flaws. Another vulnerability is that the compromised app allows third-parties full control and a backdoor into storage shared by other apps on Android devices, effectively putting the user’s personal data at risk.

Interestingly, Google is still hosting the app on their Play Store. App maker Softonic has also not posted any information regarding the vulnerability on their website, the Google Play Store, or Twitter.

There is an active Reddit discussion regarding the SHAREit case. Researchers at Trend Micro have released their Proof-of-Concept (POC) data, and as such SHAREit has been deemed no longer safe to use.

Safety Recommendations

Cybersecurity issues on the Android platform are certainly not a new occurrence. Android is by far the most popular mobile OS out there, and due to its far-reaching use, distribution, and extremely high number of global users, security threats and software vulnerabilities are very common.

For safety purposes, Trend Micro researchers recommend that users, enterprises, and app developers alike practice the following;

  • Regularly updating and patching apps and operating systems
  • Always staying informed about what is being downloaded
Tech researcher & communications specialist
Mirza has an education background in Global Communications, has worked in advertising, marketing, journalism and television over the years while living in several different countries. He is now working to consolidate news and outreach at VPNoverview.com, while in his free time he likes to work on documentary projects, read about sociology and write about world events.