An older model of Shein’s Android utility suffered from a bug that periodically captured and transmitted clipboard contents to a distant server.
The Microsoft 365 Defender Analysis Group mentioned it found the issue in model 7.9.2 of the app that was launched on December 16, 2021. The problem has since been addressed as of Could 2022.
Shein, initially named ZZKKO, is a Chinese language on-line quick vogue retailer primarily based in Singapore. The app, which is at the moment at model 9.0.0, has over 100 million downloads on the Google Play Retailer.
The tech large mentioned it is not “particularly conscious of any malicious intent behind the conduct,” however famous that the operate is not essential to carry out duties on the app.
It additional identified that launching the applying after copying any content material to the system clipboard robotically triggered an HTTP POST request containing the information to the server “api-service[.]shein[.]com.”
To mitigate such privateness dangers, Google has additional made enhancements to Android in recent times, together with displaying toast messages when an app accesses the clipboard and barring apps from getting the information until it’s actively working within the foreground.
Uncover the Hidden Risks of Third-Get together SaaS Apps
Are you conscious of the dangers related to third-party app entry to your organization’s SaaS apps? Be part of our webinar to be taught in regards to the kinds of permissions being granted and how you can reduce danger.
“Contemplating cell customers typically use the clipboard to repeat and paste delicate data, like passwords or cost data, clipboard contents will be a beautiful goal for cyberattacks,” researchers Dimitrios Valsamaras and Michael Peck mentioned.
“Leveraging clipboards can allow attackers to gather goal data and exfiltrate helpful information.”
