Researchers with Check Point have identified a vulnerability - dubbed Certifi-gate - that can enable an attacker to take over practically any device running the popular mobile operating system.
Avi Bashan, technology leader at Check Point, and Ohad Bobrov, mobile threat prevention manager at Check Point, presented their findings during a session at Black Hat USA 2015 in Las Vegas. They explained that the issue is in the architecture of popular mobile Remote Support Tools used by practically all device manufacturers and network service providers.
Bashan discussed the issue and demonstrated a potential attack in a video for SCMagazine.com. In the demonstration, Bashan showed how he can control any function on the victim's Android device from his laptop. Additionally, he showed how he can monitor any actions taken by a user.
