Click to Skip Ad
Closing in...

Delete this Android app right now

Published Feb 16th, 2021 6:07PM EST
Android app
Image: WhataWin/Adobe

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

  • Reports are circulating this week about a new Android app to be wary of — it’s called SHAREit, an app that has both an iOS and Android version, and it’s been downloaded from the Google Play Store more than 1 billion times.
  • The security firm Trend Micro issued a report about the app that cites a number of security flaws which the firm says haven’t been patched for at least a few months.
  • The security problems include the possibility that the app could be used for remote code execution, as well as leaking a user’s sensitive personal information.

If you happen to have the SHAREit app installed on your phone, you’ll definitely want to be aware of a new report from the security firm Trend Micro about this particular Android app — which has unpatched security bugs that apparently have gone unfixed for a few months. According to the researchers, this means that the Android version of this app could be used to hijack phones as well as to steal personal data.

Trend Micro says that the vulnerabilities in the Android version of the app, which has been downloaded more than 1 billion times, “can be abused to leak a user’s sensitive data, execute arbitrary code, and possibly lead to remote code execution.” And while the problems haven’t been fixed as of the time of this writing, Google has reportedly been told about the issues. It’s also important to note — none of this applies to the IOS version of the app, per Trend Micro.

SHAREit, which lets you share files with other users who have this same app on their phone, was named as one of the most downloaded apps in 2019. Nevertheless, this new report says that the vulnerabilities that were discovered “can be abused to leak a user’s sensitive data and execute arbitrary code with SHAREit permissions by using a malicious code or app … In the past, vulnerabilities that can be used to download and steal files from users’ devices have also been associated with the app. While the app allows the transfer and download of various file types, such as Android Package (APK), the vulnerabilities related to these features are most likely unintended flaws.”

The problem would result from a malicious app or code installed on the Android device in question, which is what could take advantage of the SHAREit vulnerabilities. Included in the Trend Micro report was a screenshot of the SHAREit Google Play Store page showing a most recent app update on January 26 of this year. As of Tuesday, February 16, however, the Google Play Store page for the app is showing that the app was updated on February 9.

“We decided to disclose our research three months after reporting this, since many users might be affected by this attack because the attacker can steal sensitive data,” Trend Micro’s Echo Duan and Jesse Chang wrote in their report.

Andy Meek Trending News Editor

Andy Meek is a reporter based in Memphis who has covered media, entertainment, and culture for over 20 years. His work has appeared in outlets including The Guardian, Forbes, and The Financial Times, and he’s written for BGR since 2015. Andy's coverage includes technology and entertainment, and he has a particular interest in all things streaming.

Over the years, he’s interviewed legendary figures in entertainment and tech that range from Stan Lee to John McAfee, Peter Thiel, and Reed Hastings.