The famous ShareIt Android file sharing app has many vulnerabilities that could lead to a user’s data being violated. This is according to the findings of the security firm TrendMicro released in a new analysis.
The detailed vulnerabilities could potentially give a remote attacker the ability to access and manipulate data using the ShareIt permissions on a user’s phone.
The security firm shows that attackers can use the trusted features of ShareIt to run malicious commands or install apps from third parties. The security vulnerabilities may also allow an attacker to substitute the resources of other apps on the computer of a user, obviously swapping a legitimate app for a fake replacement.
Vulnerabilities, fixes, and alternatives of ShareIt
Three months ago, TrendMicro alerted ShareIt’s creator to the problems, but no patch has yet been released. The organization has also told Google of the problems.
ShareIt is one of the most popular apps on the Google Play Store. The software, downloaded over a billion times, allows users to pass files and links to others and share them. ShareIt was also among the 60 apps created by China that were banned in India at the end of last year.
The app was last updated on February 9, per its Play Store page, but the changelog of the update fails to mention a fix for the vulnerabilities disclosed. At the moment of publishing, the app is available for download.
For now, guarding against the use of ShareIt before the bugs are resolved is probably a smart idea. There are a variety of alternatives till then, if you need to pass files to other Android devices, an excellent built-in alternative is Nearby Share. Google’s files also provide similar features. In addition, if need be, there are a range of handy applications to move files to your PC.