“SHAREit – Transfer & Share” – One of the most downloaded apps in the Google Play Store and also the top-notch app in file sharing for Android.
But here is the problem; a report from Trend Micro suggests that there is a serious flaw in the file-sharing app that could lead to remote code execution by any bad individual.
To learn more about RCE, refer to this article of Wikipedia.
We could say in short what this means like this:
If an ‘A’ app has RCE vulnerability, then the ‘B’ person with the help of a ‘C’ code or ‘D’ app could easily take the help of the permissions SHAREit demands from the users to execute any malicious code or reveal user info.
Trend Micro reports that ‘Google has been informed about these flaws.’
Trend Micro made use of the vulnerability and showed how you can make anyone install a fake ‘Twitter’ Application with the permissions SHAREit has and use the fake app to manipulate the user data or device.
The full article and Vulnerability Test can be accessed here: https://www.trendmicro.com/en_us/research/21/b/shareit-flaw-could-lead-to-remote-code-execution.html?ClickID=cela7ifasawaxiafzi7ke4zlss77aqlkekz
No matter how famous an application is, we should always keep in mind our own safety first in this virtual world of deception.