ShopBack Compromised?? Requesting Root Access after New Update

Agret on 14/07/2024 - 23:18

I have automatic updates disabled in play store and with the AliExpress sale going decided to update my shopback to the latest version.

I've been using it earlier in the week with no issues but after doing the update today whenever I open the shopback app it keeps popping up requesting root access.

This seems crazy since there was no mention of any new functionality for root users what is it doing this request for?? Makes me suspicious the app has been compromised with some sort of user data stealer.

Anyone have any ideas?

General Discussion

Related Stores

ShopBack AU
ShopBack AU
Third-Party

Comments

  • Leho on 14/07/2024 - 23:41
    +8

    Probably a shittily designed root detection, its probably calling sbin/su, which will popup the magisk prompt, then checking the exit code.

    the su binary wont be callable on a non rooted device (obviously)

  • AustriaBargain on 15/07/2024 - 02:33
    +1

    One of their code monkeys did something wrong more likely. So many websites out there are just plain busted. Web development is hard and the bigger a site or service gets, the harder it is.

    • Switchblade88 on 15/07/2024 - 10:06
      +2

      Websites don't ask for root access.

      Apps should not ask for root access unless explicitly designed to do so.

  • bamzero on 15/07/2024 - 12:00

    I'm on 5.14.0 which is the latest offered to me in Playstore but haven't got any root access requests.

    (actually just checked and I have Shopback already on my Shamiko denylist, as well as hiding all that sort of stuff from it via Hide My Applist but just removed to check and still no requests)

    • Agret on 15/07/2024 - 19:36

      Mine is 5.14.0 too, it kept popping up while I was using it to access AliExpress so eventually I just set it to auto decline. Didn't have it on any my root hide lists.

  • Store Repgotyourback @ ShopBack AU on 15/07/2024 - 12:25
    -1

    Thanks for letting us know! This issue has been flagged to our engineering team for further investigation. We'll be sure to keep you updated on the progress.

Login or Join to leave a comment
Login Join