Share news article

Share on facebook
Share on twitter
Share on linkedin
Share on email

Shein's Android App Caught Transmitting Clipboard Data to Remote Servers

Mar 07, 2023Ravie LakshmananPrivacy / Data Breach

An older version of Shein’s Android application suffered from a bug that periodically captured and transmitted clipboard contents to a remote server.

The Microsoft 365 Defender Research Team said it discovered the problem in version 7.9.2 of the app that was released on December 16, 2021. The issue has since been addressed as of May 2022.

Shein, originally named ZZKKO, is a Chinese online fast fashion retailer based in Singapore. The app, which is currently at version 9.0.0, has over 100 million downloads on the Google Play Store.

The tech giant said it’s not “specifically aware of any malicious intent behind the behavior,” but noted that the function isn’t necessary to perform tasks on the app.

It further pointed out that launching the application after copying any content to the device clipboard automatically triggered an HTTP POST request containing the data to the server “api-service[.]shein[.]com.”

To mitigate such privacy risks, Google has further made improvements to Android in recent years, including displaying toast messages when an app accesses the clipboard and barring apps from getting the data unless it is actively running in the foreground.


Discover the Hidden Dangers of Third-Party SaaS Apps

Are you aware of the risks associated with third-party app access to your company’s SaaS apps? Join our webinar to learn about the types of permissions being granted and how to minimize risk.


“Considering mobile users often use the clipboard to copy and paste sensitive information, like passwords or payment information, clipboard contents can be an attractive target for cyberattacks,” researchers Dimitrios Valsamaras and Michael Peck said.

“Leveraging clipboards can enable attackers to collect target information and exfiltrate useful data.”

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Related News

Ferrari Discloses Ransomware Attack; Refuses to Pay Ransom

Ferrari Discloses Ransomware Attack; Refuses to Pay Ransom

Ferrari, the renowned Italian luxury car manufacturer, suffered a cyber incident that compromised the company’s client data. According to a…
ChatGPT Bug Exposes Conversation History Titles

ChatGPT Bug Exposes Conversation History Titles

A ChatGPT user on Reddit first reported the bug after noticing Chinese language characters in the title of their conversation…
Breach Forums to Remain Offline Permanently

Breach Forums to Remain Offline Permanently

The decision to shut down the Breach Forums came after the admin noticed someone had logged into an old forum…