Trend Micro, a security firm claims that it has found “several” security flaws in the ShareIt application, which is a popular application for sharing files between devices. The app has been downloaded more than a billion times from the Play Store.
As per the report, the vulnerabilities can be used to leak the user’s sensitive data and execute arbitrary code with permissions. Also, the permissions required by the application are pretty extensive.
It requests access to the entire user storage and all media, the camera and microphone, and location. It can also delete apps, run at startup, create accounts and set passwords, among several other functions.
Further, the app also gets full network access. The security company claims that the app can also lead to remote code execution. What’s more worrisome is that Trend Micro claims that the these vulnerabilities with ShareIt three months ago, but the company has not rolled out any patches.
ShareIt application was originally developed by Lenovo but now it has been spun off into its own entity. As per the reports, the app has more than 1.8 billion users worldwide, including Android, iOS, Windows, and Mac.
The app, which was considered as one of the best for local file sharing, seems to have expanded its offering beyond that function. As per the Play Store listing, it now offers “Infinite Online Videos,” “Tens of millions of high-quality songs,” “GIFs, Wallpapers & Stickers,” a “popular” media section, and more.
If you are worried about security by using the Shareit application, we have already compiled a list of top 5 alternatives to the file-sharing app.