SHAREit Android Flaunts A Billion Downloads And Alarming Remote Execution Security Flaws
Security researchers at Trend Micro say they have uncovered "several vulnerabilities" within an Android application that has been downloaded more than 1 billion times from Google Play. The app is called SHAREit by Smart Media 4U, and it is designed to make transferring photos, videos, music, and other things a snap through peer-to-peer file sharing.
Interestingly, it was Lenovo that first developed the SHAREit app and launched it in 2012, but it was later spun off as a separate company. Beyond that fun fact, Lenovo has no development ties to the current iteration by Smart Media 4U, nor to the security flaws that Trend Micro's researchers say they discovered, which according to them could allow an attacker to leak a user's sensitive data.
According to the researchers, a nefarious actor could also execute arbitrary code with SHAREit's permissions through the use of malicious code or an app, which in turn could lead to remote code execution (RCE).
"In the past, vulnerabilities that can be used to download and steal files from users’ devices have also been associated with the app. While the app allows the transfer and download of various file types, such as Android Package (APK), the vulnerabilities related to these features are most likely unintended flaws," Trend Micro explains in a blog post.
Looking at the app's landing page on Google Play, it requests a startling range of permissions during installation. It asks to read a user's contacts, record audio, take pictures and video, home in on a user's precise location, access files, modify and delete internal storage data, delete apps, run at startup, and much more. It also asks for full network access.
The report dives into the nitty-gritty details of the security vulnerabilities, but in short, SHAREit seems to play fast and loose in how it shares information and communicates with other apps. As a result, bad actors have multiple entry points to sneak in and compromise an Android handset. That includes man-in-the-middle attacks.
Trend Micro concocted a proof-of-concept to highlight the security risks SHAREit imposes. It also reported the flaws to the developer three months ago without a response, and has informed Google of its findings. As of this writing, the app remains available to download in Google Play.