Android smartphone owners were put on high alert last week following details of a dangerous new bug within a hugely-popular Google Play Store, known as SHAREit, which has been downloaded more than one billion times. Security experts from Trend Micro were the first to uncover the flaws within the code, which could be leveraged by hackers to gain access to sensitive data stored on your handset.
Thankfully, the developers behind SHAREit have finally issued an update to the software designed to close the flaw for good. Until now, the only way for the one billion devices with the app installed to guarantee their safety was to remove the software completely. With the launch of the new bug-blasting update, that’s no longer the case.
If you have SHAREit on your handset, head to the Play Store now to ensure you’re running the latest update. For those who don’t know, SHAREit is a file transfer application that lets users beam photos, videos, GIFs, wallpapers and music tracks between smartphones or tablets at speeds 200-times faster than regular ol’ Bluetooth. It works similar to the AirDrop feature baked into iPhone, iPad and Mac, which Google looks set to introduce into Android in a future version of the mobile operating system.
“On February 15, 2021, we became aware of a report by Trend Micro about potential security vulnerabilities in our app,” the creators of SHAREit said in a statement. “We worked quickly to investigate this report, and on February 19, 2021, we released a patch to address the alleged vulnerabilities.”
While SHAREit claims that it was only made aware of the troubling findings from security researchers earlier this month, Trend Micro reported the issues three months before making its findings public.
Speaking at the time of publication, the Trend Micro security experts said: “We decided to disclose our research three months after reporting this since many users might be affected by this attack because the attacker can steal sensitive data and do anything with the apps’ permission. SHAREit has over 1 billion downloads in Google Play and has been named as one of the most downloaded applications in 2019. Google has been informed of these vulnerabilities.”
It’s unclear why SHAREit did not receive the original security findings …or why it didn’t decide to act until the findings were public and users were cautioned to remove the app from their device.
Worryingly, this isn’t the first time that SHAREit has been embroiled in a security scandal. Back in 2019, SHAREit patched two other crucial vulnerabilities that enabled attackers to bypass the app’s authentication mechanism and download user files – like photos, videos and text messages remotely. These could then be sold, published without permission, or used to blackmail the phone owner.
According to the Google Play Store, the last time SHAREit was updated was on February 9, which was prior to the Trend Micro research was published. The file-sharing app, which lets users exchange photos, music, videos and GIFs, in total has 1.8billion users worldwide. In fact, according to App Annie, SHAREit was one of the top 10 most downloaded apps in the world in 2019.
