However, he noted that the case doesn’t appear malicious but rather a bug due to inheriting a class that had the specific code. Valsamaras told RestorePrivacy that the app’s developer hasn’t specified the reason for using the particular characters as triggers for clipboard data siphoning. If specific characters are found in the clipboard, like “$” and “://”, the app sends the clipboard contents to a remote server at “ The researchers confirmed this risky behavior on an Android 9 test device they used for capturing the associated requests using the Burp Proxy tool. The analysts found that SHEIN contains code that reads the contents of the device clipboard upon the app’s launch and when the user interacts with the app. As such, it can contain sensitive information. The clipboard is a temporary storage area on operating systems that holds the contents of copied data such as text, images, passwords, etc. Microsoft researchers Dimitrios Valsamaras and Michael Peck analyzed SHEIN app version 7.9.2 using static and dynamic analysis tools and techniques, focusing on code accessing clipboard contents. “Even if SHEIN’s clipboard behavior involved no malicious intent, this example case highlights the risks that installed applications can pose, including those that are highly popular and obtained from the platform’s official app store.” – Microsoft App Coding Mistake However, the app’s behavior was still introducing unnecessary risk to users and wasn’t needed to deliver the core functionality of the shopping app. Microsoft says that it has discovered no indications of malicious intent. The risky app behavior was discovered by Microsoft threat researchers and reported to Google, while SHEIN’s developers removed the clipboard data retrieval function from the application with an update released in May 2022.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |