Credit: Andy Walker / Android Authority
- The popular ShareIt application has several vulnerabilities.
- These vulnerabilities could be abused by malicious actors to perform remote attacks.
Popular Android The ShareIt file sharing application has several vulnerabilities that could lead to the misuse of a user’s data. This according to the security company TrendMicrofindings published in a recent report.
The detailed vulnerabilities could theoretically grant a remote attacker the ability to access and manipulate data on a user’s device using ShareIt permissions.
The security company demonstrates that attackers could use ShareIt’s trust functions to execute malicious commands or install third-party applications. The security breaches could also allow an attacker to replace the resources of other apps on a user’s device, apparently swapping a legitimate app for a fake replacement.
ShareIt vulnerabilities, fixes and alternatives
TrendMicro alerted the developer of ShareIt to the issues three months ago, but no fixes have been released yet. The company also alerted Google to the issues. We have contacted the developers of the app and will update this article if / when we receive a response.
ShareIt is one of the most popular apps in the Google Play Store. Downloaded over a billion times, the app allows users to transfer and share files and links with others. It was also one of the 60 applications developed in China banned in India at the end of last year.
By its Play Store sheet, the app was last updated on February 9, but the update changelog does not mention a fix for the revealed vulnerabilities. The app remains available for download at the time of writing.
For now, it’s probably a good idea to guard against using ShareIt until the flaws are fixed. Until then, there are a multitude of alternatives. If you need to transfer files to other Android devices, Share nearby is a great integrated alternative. Files by Google also offers similar functionality. In addition, there are a number of practical applications for transfer files to your PC if needed.