Using this banned file sharing app with 1 billion downloads can compromise your phone security: Report

SHAREit requests special permissions like uninstalling other apps, deleting file system data, turning on and off the microphone and camera, switching on location, and start itself when you reboot your phone - these can be misused by attackers.
By HT TECH
| Updated on Feb 17 2021, 08:52 PM IST
SHAREit contains a common Android security flaw that allows attackers to gain access to its internal files.
SHAREit contains a common Android security flaw that allows attackers to gain access to its internal files. (SHAREit/YouTube)

In September last year, the government banned a large number of applications in the country, citing national security concerns. In June, 59 apps were banned, followed by another 118 in September and 43 more in November. SHAREit, of those banned apps, it now appears, has a vulnerability that could be misused to leak sensitive user information and execute arbitrary code, according to a recent report.

Cybersecurity firm Trend Micro has stated that the SHAREit app, which has a billion downloads already, requests a wide range of permissions from its users and that it contains a common Android security flaw that allows attackers to gain access to its internal files, allowing them to control the app and compromising user security, in a report published with Ars Technica.
 

Read more: Govt bans 59 Chinese apps including TikTok in India

How does it work? According to Trend Micro, the security flaw pertains to controlling the “content providers” that Android allows apps to set and disable when they need to communicate with another app. However, instead of closing down the parts that it should have, the app allows a potential hacker to gain access to its internal files. At that point, it would be theoretically possible to take control of the app.

While this wouldn’t be too much of a concern for most apps, the fact that SHAREit has access to a plethora of permissions makes it a potential threat if it gets infected. These include special permissions like uninstalling other apps, deleting file system data, turning on and off the microphone and camera, switching on location, and start itself when you reboot your phone.

Also read: More smartphone firms join P2P file-transfer alliance

Users are therefore advised to switch to a better alternative - Trebleshot, Fast File Transfer, and many others exist and are well received by their users. You can also look at the Google Files app, but using the SHAREit app if it is installed on your phone could be a security concern - even if the developers issue a fix, the app being banned from the Play Store in the country means you will not get updates anyway.

Follow HT Tech for the latest tech news and reviews , also keep up with us on Twitter, Facebook, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 17 Feb, 08:52 PM IST
NEXT ARTICLE BEGINS
keep up with tech