Security Gaps Certifi-Gate - Security issue has indeed become a hot topic lately, just a few days ago we featured an article that Macs are not immune to malware, and also about the Touch ID on iOS are said to be more secure than Android. This time we find that there are security gaps found in the Android system can be said to be dangerous because it enables take over control devices, where this vulnerability was discovered by researchers Check Point.
This inform researchers about security gaps at the Black Hat Conference, eventand fuss this gap makes millions of Android devices isa was attacked by the hackers and taken over. They named this gap Certifi-gate located onimplementation of mobile Remote Support Tool (mRST) by the OEM(manufacturer/factory of Android devices such as Sony, LG or Samsung) wherethis feature allows third-party plugins to duplicate the device screen and perform actions to the device using a certificate from the OEM.
Certifi-gate pun showing the exploitation case demo video on their website, as shown in the following screenshot.
certifi-gate-demo
If successful, dieskploitasi, Certifi-gate allows the rogue applications get unlimited access on the device without being detected, could even allow the user to access data and perform actions that should only be done by the owner of the device.
Samsung or Google party immediately give a response to this and recommendsits users to download the trusted application only and not install applications,especially those that are not found in Google Play Store and outside the application store Samsung. But unfortunately not all the applications Play Store can be said one hundred percent secure.
Researchers Check Point managed to find this gap by means of checking method of verification of the system components in the application validates the mRSTremote support and they found there a logic implementation that could beexploited by hackers.
The components of a system of third party often mRST already installed on the device or included as default software on the device, so lots of devices that supposedly have this security loophole which also add to the difficulties in the process of patching and sometimes cannot eliminate components because it is the default software from the manufacturer.
To overcome this, Check Point already provides application scanners to make sure whether your devices exposed by slit Certifi-gate, you can download it at the link: application scanner Certifi-gate from Check Point and they provide a detailed report about Certifi-gate this following link: Report Certifi-gate
Posted by Unknown on Saturday, August 15, 2015 - Rating: 4.5
0 Response to "Security Gaps Certifi-Gate Allows Hackers Take Over Control Of Your Android Device!"
Post a Comment