The new threat, dubbed “Certifi-gate”, is a set of vulnerabilities in the authorization methods between mobile Remote Support Tool (mRST) apps and system-level plugs on a device.mRSTs allow remote personnel to offer customers personalized technical support for their devices by replicating a device’s screen and by simulating screen clicks at a remote console. If exploited, Certifi-gate allows malicious applications to gain unrestricted access to a device silently, elevating their privileges to allow access to the user data and perform a variety of actions usually only available to the device owner.
Check Point researchers examined the verification methods by which trusted components of the mRSTs validate remote support applications, and discovered numerous faulty exploitable implementations of this logic. This allows mobile platform attackers to masquerade as the original remote supporter with system privileges on the device.
The company claims that it affects devices made by major manufacturers including LG, Samsung, HTC, and ZTE. Worse still, it’s not just that hundreds of millions of smartphones and tablets are liable to attack.The researchers have reported their findings to the respective vulnerable OEMs and Google but have warned that no patch can fix this bug as existing Android systems cannot revoke the security certificates and permissions of the suspected apps and only a new software build will resolve the issue. Unfortunately it is often a “notoriously slow process” as it has always been the case with Android devices.
