Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
The Android app unnecessarily accessed clipboard device contents, which often includes passwords and other sensitive data.
1 Min Read
Source: GH Tech via Alamy Stock Photo
A version of the Shein shopping application in the Google Play store with more than 100 million downloads was unnecessarily accessing Android-device clipboard contents, creating a potential security threat, according to Microsoft.
The software giant said in a blog post from Microsoft Threat Intelligence that it asked Shein to remove the feature from its Android app that accessed user clipboards, and the company complied. However, users need to update their apps to be free from danger.
From passwords to account numbers, and auto-fill information of all kinds, device clipboards can contain a treasure trove of sensitive data.
"Microsoft discovered that an old version of the Shein Android application periodically read the contents of the Android device clipboard and, if a particular pattern was present, sent the contents of the clipboard to a remote server," the Microsoft blog post said. "While we are not specifically aware of any malicious intent behind the behavior, we assessed that this behavior was not necessary for users to perform their tasks on the app."
About the Author(s)
You May Also Like
More Insights
Webinars
The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024
Events
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024
