As Trend Micro mobile threat analysts Echo Duan and Jesse Chang found, the now-fixed. Trend Micro disclosed the security flaw after auditing one of the most popular Android file-sharing apps with over a billion downloads on the Google Play Store.

An Android app that’s been downloaded more than 1 billion times is riddled with flaws that can let attackers hijack app features or overwrite existing files to execute malicious code, or launch man-in-the-disk (MiTD) attacks on people’s devices, researchers discovered. File-sharing app SHAREit has several security flaws exposing users to the risk of remote code execution and sensitive data leaks. SHAREit is one of the tens of Chinese mobile apps banned last year by India due to national security and privacy concerns.

The flaws exist in an app called SHAREit, which allows Android app users to share files between friends or devices. They were identified and reported to the app maker three months ago by researchers at Trend Micro. However, the flaws remain unpatched, according to a report posted online Monday.

“We decided to disclose our research three months after reporting this since many users might be affected by this attack, because the attacker can steal sensitive data and do anything with the apps’ permission,” Echo Duan, a mobile threats analyst for Trend Micro, wrote in the report.

Trend Micro also notified Google of the app’s issues, which lie in several flaws in its code that too easily give third parties permissions to take over legitimate app features, overwrite existing app files or even take over Android storage shared by multiple apps to execute malicious code, he said.
“We delved into the app’s code and found that it declares the broadcast receiver as ‘.DefaultReceiver,’” Duan explained in the post. “It receives the action ‘.install_completed’ and Extra Intent then calls the startActivity() function.”

“This shows arbitrary activities, including SHAREit’s internal (non-public) and external app activities.” Researchers built a simple proof of concept (PoC) and found that “any app can invoke this broadcast component,” he said.

Moreover, third parties also can gain temporary read/write access to the content provider’s data through a flaw in its FileProvider, Duan wrote. “Even worse, the developer specified a wide storage area root path,” he wrote.