Categories: CyberCrimeSecurity

‘Certifi-Gate’ Security Flaw Hits Millions Of Android Devices

Android smartphone users have been warned about another serious vulnerability that could allow hackers to hijack their devices.

Researchers at security firm Check Point have uncovered a major flaw that it says could be affecting hundreds of millions of Android users all over the world, even those running the latest version of Android 5.0 Lollipop.

The problem could put devices from leading manufacturers such as Samsung, LG and HTC at risk, the team revealed, allowing hackers to take complete control of their devices and steal personal data.

Bolted

The “Certifi-gate” vulnerability allows applications to gain illegitimate privileged access rights, which are typically used by remote support applications that are either pre-installed or personally installed on Android devices, meaning devices can be at risk straight out of the box.

Check Point says that the vulnerability can be ‘very easily exploited’ to give hackers unrestricted access to the affected devices, allowing them to steal personal data, track device locations, turn on microphones to record conversations, and more.

The company says it has contacted all the affected vendors, and all have begun releasing updates. However the team warns that ‘Certifi-gate’ cannot be fixed, and can only be updated when a new software build is pushed to the device, which is often a notoriously slow process.

Android users can check to see if their device has been affected using a free Check Point app, (pictured above) available on Google Play Store from today.

The flaw is the second major vulnerability to hit Android devices within the last two weeks, following the uncovering of the ‘Stagefright’ bug last week which could affect up to a billion Android smartphones.

However Google has announced it will be providing more in-depth and regular security updates to Android users by releasing monthly security upgrades. The updates will cover most of the company’s Nexus devices and will also be available to selected Samsung smartphones as Google looks to better protect customers using its mobile OS.

Are you a security pro? Try our quiz!

Mike Moore

Michael Moore joined TechWeek Europe in January 2014 as a trainee before graduating to Reporter later that year. He covers a wide range of topics, including but not limited to mobile devices, wearable tech, the Internet of Things, and financial technology.

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

12 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

15 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

16 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

17 hours ago