AI-Powered App Exposes User Data, Creates Risk Of Supply Chain Attacks
Trend Micro, Tuesday, September 23rd, 2025
Trend Research's analysis of Wondershare RepairIt reveals how the AI-driven app exposed sensitive user data due to unsecure cloud storage practices and hardcoded credentials, creating risks of model tampering and supply chain attacks.
Key takeaways
An AI-powered application for enhancing images and videos named Wondershare RepairIt may have inadvertently contradicted its privacy policy by collecting and retaining sensitive user photos. Poor Development, Security, and Operations (DevSecOps) practices allowed overly permissive cloud access tokens to be embedded in the application's code.
The hardcoded cloud credentials in the application's binary enabled both read and write access to sensitive cloud storage. The exposed cloud storage contained not only user data but also AI models, software binaries, container images, and company source code.
Attackers can leverage the compromised access to manipulate AI models or executable files, conducting sophisticated supply chain attacks. Such an attack could distribute malicious payloads to legitimate users through vendor-signed software updates or AI model downloads.