Millions of Android Users at Risk: Popular Shopping App Caught Spying on Clipboard Activity

Mar 11, 2023, 11:23 AM EST
2 mins read
Millions of Android Users at Risk: Popular Shopping App Caught Spying on Clipboard Activity

We may receive a portion of sales if you purchase a product through a link in this article at no cost to you, though all opinions are our own. For more information, please read our ethics statement. Please note that pricing and availability are subject to change.

A recent report by Microsoft has revealed that an outdated version of the SHEIN Android mobile app was spying on millions of Android users. The popular shopping app was found to be accessing users’ clipboard activity, a serious privacy breach that can put sensitive information like passwords, financial details, and personal data at risk.

According to Microsoft, the SHEIN Android application periodically read the contents of the Android device clipboard and sent them to a remote server if a particular pattern was present. The behavior was detected by Microsoft’s Defender for Endpoint, which flagged it as suspicious activity.

Millions of Android Users at Risk: Popular Shopping App Caught Spying on Clipboard Activity
An example of a call chain through the SHEIN app resulting in clipboard access. (Image Credit: Microsoft)

While Microsoft did not find any evidence of malicious intent, the app’s behavior is still considered a violation of users’ privacy. There is no explanation for why the app needs to track users’ clipboard activity, and it is not necessary for users to perform tasks on the app.


The SHEIN app is available on the Google Play Store and has over 100 million downloads, highlighting the risks that installed applications can pose, even those obtained from the platform’s official app store. Microsoft reported the findings to Google, and it was subsequently investigated by their Android Security Team.

In May 2022, SHEIN removed the behavior from the application, but the incident serves as a reminder that apparently harmless behaviors in apps can be exploited with malicious intent.

Threats targeting clipboards are particularly concerning, as they can put any copied and pasted information at risk of being stolen or modified by attackers. This includes sensitive information like passwords, financial details, personal data, cryptocurrency wallet addresses, and more.


As a result, it’s important for users to be cautious when granting permissions to apps and to keep their devices and apps up to date with the latest security patches. Additionally, using a password manager can help protect sensitive information by securely storing and auto-filling passwords, making it harder for attackers to steal them.

How to keep your device safe?

Following the discovery, Microsoft has issued recommendations for users to protect themselves from risk:

  • Always keep the device and the installed applications updated
  • Never install applications from untrusted sources
  • Consider removing applications with unexpected behaviors, such as clipboard access toast notifications, and report the behavior to the vendor or app store operator

Notify of
Inline Feedbacks
View all comments
Would love your thoughts, please comment.x