Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Vulnerability Management, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Black Hat 2015: Vulnerability enables complete takeover of any Android device

Share

Researchers with Check Point have identified a vulnerability - dubbed Certifi-gate - that can enable an attacker to take over practically any device running the popular mobile operating system. 

Avi Bashan, technology leader at Check Point, and Ohad Bobrov, mobile threat prevention manager at Check Point, presented their findings during a session at Black Hat USA 2015 in Las Vegas. They explained that the issue is in the architecture of popular mobile Remote Support Tools used by practically all device manufacturers and network service providers.

Bashan discussed the issue and demonstrated a potential attack in a video for SCMagazine.com. In the demonstration, Bashan showed how he can control any function on the victim's Android device from his laptop. Additionally, he showed how he can monitor any actions taken by a user. 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.