Categories: CyberCrimeSecurity

‘Certifi-Gate’ Security Flaw Hits Millions Of Android Devices

Android smartphone users have been warned about another serious vulnerability that could allow hackers to hijack their devices.

Researchers at security firm Check Point have uncovered a major flaw that it says could be affecting hundreds of millions of Android users all over the world, even those running the latest version of Android 5.0 Lollipop.

The problem could put devices from leading manufacturers such as Samsung, LG and HTC at risk, the team revealed, allowing hackers to take complete control of their devices and steal personal data.

Bolted

The “Certifi-gate” vulnerability allows applications to gain illegitimate privileged access rights, which are typically used by remote support applications that are either pre-installed or personally installed on Android devices, meaning devices can be at risk straight out of the box.

Check Point says that the vulnerability can be ‘very easily exploited’ to give hackers unrestricted access to the affected devices, allowing them to steal personal data, track device locations, turn on microphones to record conversations, and more.

The company says it has contacted all the affected vendors, and all have begun releasing updates. However the team warns that ‘Certifi-gate’ cannot be fixed, and can only be updated when a new software build is pushed to the device, which is often a notoriously slow process.

Android users can check to see if their device has been affected using a free Check Point app, (pictured above) available on Google Play Store from today.

The flaw is the second major vulnerability to hit Android devices within the last two weeks, following the uncovering of the ‘Stagefright’ bug last week which could affect up to a billion Android smartphones.

However Google has announced it will be providing more in-depth and regular security updates to Android users by releasing monthly security upgrades. The updates will cover most of the company’s Nexus devices and will also be available to selected Samsung smartphones as Google looks to better protect customers using its mobile OS.

Are you a security pro? Try our quiz!

Mike Moore

Michael Moore joined TechWeek Europe in January 2014 as a trainee before graduating to Reporter later that year. He covers a wide range of topics, including but not limited to mobile devices, wearable tech, the Internet of Things, and financial technology.

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago