A new Android vulnerability (Certifi-gate) was discovered by Check Point security researchers. The researchers disclosed the vulnerability at Black Hat USA 2015 and reported that it allows an attacker to gain full (remote) control of a device that uses mobile Remote Support Tools (mRSTs).
These tools (mRSTs) have been added to Android to allow IT to detect bugs and problems without the need for device owners to go to a support center.
In other words, they allow the support staff to connect remotely, interact with the user's device, or implement patches.
But because mRSTs have system privileges, they are an ideal target for hackers.
The Check Point team analyzed the authentication methods that mRSTs use to validate the support application used remotely by IT departments, and discovered that they could easily disguise malicious actors as valid support requests. This is how they were able to carry out successful attacks that gave them system-level privileges on any device.
This gives hackers access to all of the phone's functions, which means they can interfere with phone calls, intercept messages and photos, install applications, and anything else you can think of.
According to Check Point's research, the Certifi-gate vulnerability has been found in the following support applications: AnySupport, CommuniTake, RSupport, and TeamViewer.
IS YOUR DEVICE AT RISK?
Download the Certifi-gate scanner app for Android today to find out.
Here are two videos that demonstrate the vulnerability.