Videos, pictures, music or entire apps – Shareit makes sharing easy. But with a bit of bad luck, the popular app can also pose serious security problems. The security company Trend Micro found several of them and informed the manufacturer. After months of unresponsiveness, Trend Micro published it.
An attacker could steal the smartphone owner’s data through the security holes or even infect the cell phone with malicious code using Trojan horse apps. They do document the loopholes in the code and the insecure use of HTTP for downloads. They remained very vague in describing the possible exploitation. In the end, it is not entirely clear under which conditions successful attacks are possible.
What to do?
Trend Micro reportedly informed the manufacturer of the problems it found, but received no response for over 3 months. Trend Micro assures that Google has also been informed. And now the holes are being published because “many users could be affected by these attacks”. Trend Micro leaves exactly which versions of the app are affected, as does the question of whether the problems may also affect platforms other than Android.
The ShareIt app has over 1.8 billion users, according to the Singapore-based manufacturer Smart Media4U. Google Play has over a billion downloads of the Android app; so the number is not unrealistic. What these users should do now, however, remains unspoken. Trend Micros recommendations are limited to general security tips without reference to the specific problems. Apparently there was not enough courage to “Uninstall this app”. This is obvious as long as the manufacturer does not take a clear position.