Android Remote-Access Exploit Is Being Used

August 26, 2015 at 1:19 pm By

It looks like Google and Android have something to worry about as an application is exploiting the Android OS through the Google Play store. The exploit is allowing the application to gain remote-access to the operating systems easily bypassing Google security and user permissions.

“While the app was discovered installed on an infinitesimal percentage of devices checked by Check Point, it shows that the vulnerability caused by insecure OEM and cell carrier software meant to provide remote access to devices for customer service engineers has already been exploited by “legitimate” phone applications—and the method used to bypass Google’s security checks could be used for more malicious purposes on millions of devices,” according to Sean Gallagher of Arstechnica.

“And there’s no easy way for Google or phone manufacturers alone to patch the problem.”

According to the report, Ohad Bobrov and Avi Bashan pointed out security flaws in the Android software and called them the “Certifi-Gate.” Gallagher said that the vulnerability was caused by nonsecure versions of remote administrations tools allowing attackers to gain easy access into the software.

“In a blog post published today, Check Point researchers share a summary of that data—a majority (about 58 percent) of the Android devices scanned were vulnerable, with 15.84 percent actually having a vulnerable version of the remote access plug-in installed,” according to the report.

“The brand with the highest percentage of devices already carrying the vulnerable plug-in was LG—over 72 percent of LG devices scanned in the anonymized pool had a vulnerable version of the plug-in.”

Gallagher and Check Point is reporting that this is not an easy fix so it would be interesting to see exactly how many devices are exploited before the fix is put into place.

Read the full story.