Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)
Computer Emergency Response Team of Mauritius>App on Google Play store exploited critical “Certifi-gate” Android vulnerability

App on Google Play store exploited critical “Certifi-gate” Android vulnerability


Researchers with Check Point observed a popular app on the Google Play store successfully exploiting ‘Certifi-gate’, a critical Android vulnerability that the security firm disclosed at Black Hat USA 2015 in Las Vegas. Security researchers showed how a malicious app requiring no special permissions can enable an attacker to completely take over nearly any device running the popular mobile operating system. They also showed the vulnerability using a proof of concept flashlight app, but the offending application observed in the Google Play store is Recordable Activator, a screen recording app from U.K.-based Invisibility Ltd with between 100,000 and 500,000 downloads. Unlike the flashlight app that exploited the “Certifi-gate” vulnerability to completely take over devices, the researcher stated that Recordable Activator could only be used to record the screen.
 
Source:
 
SC Magazine
 
IT News
 
Team Cymru
 
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis