Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)
Computer Emergency Response Team of Mauritius>App on Google Play store exploited critical “Certifi-gate” Android vulnerability

App on Google Play store exploited critical “Certifi-gate” Android vulnerability

Researchers with Check Point observed a popular app on the Google Play store successfully exploiting ‘Certifi-gate’, a critical Android vulnerability that the security firm disclosed at Black Hat USA 2015 in Las Vegas. Security researchers showed how a malicious app requiring no special permissions can enable an attacker to completely take over nearly any device running the popular mobile operating system. They also showed the vulnerability using a proof of concept flashlight app, but the offending application observed in the Google Play store is Recordable Activator, a screen recording app from U.K.-based Invisibility Ltd with between 100,000 and 500,000 downloads. Unlike the flashlight app that exploited the “Certifi-gate” vulnerability to completely take over devices, the researcher stated that Recordable Activator could only be used to record the screen.
SC Magazine
IT News
Team Cymru
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis