“Certifi-gate” allows malicious software to access the personal data of users via remote using applications installed by manufacturers.
Certainly, Android users lead a particularly dangerous life. Check Point Software Technologies, cybersecurity specialist, revealed at the Black Hat conference being held in Las Vegas a new security flaw that threatens smartphones running Android. “Certifi-gate,” as they named those who have discovered, comes with remote applications, used when the user encounters a problem and that can troubleshoot via special access to their smartphone.
“If exploited, Certifi-gate allow malicious applications to discreetly access personal data,” says a note dedicated to the question on the Check Point blog. Hackers could then locate the hacked phone or record telephone conversations
Problem:. Applications defendants are most often pre-installed on smartphones by manufacturers. Android has no way to restrict the authorizations to potentially malicious applications. “Without a patch, the models are exposed in their first use,” said Check Point, which indicates that devices LG, Samsung or HTC could be vulnerable without mention of specific model.
The only way to solve the problem: an update of Android. Google and Samsung have already announced a security patch and HTC plancherait also on the issue. But these procedures were announced when a previous flaw was discovered, “Stagefright” which allows you to take control of a phone remotely by sending a simple MMS. She concerned 95% of Android phones.
Just hours after its discovery, another anomaly was unearthed. “Fake ID” passed malicious applications for authentic applications to access again to the personal data of the user: his messages, his pictures but also its financial information it uses a mobile payment solution developed by Google, Google Wallet. In order not to endanger 80% of Android users concerned, manufacturers had already had to revise their update program. It risks being pushed again.
So, Android is it less secure than other operating systems? Not sure. While Android is an open system, unlike iOS, which has still been singled out as most vulnerable by Symantec. But Android is mostly the preferred target of hackers, which explains the number of cyber attacks on Google’s OS. Nothing too surprising when one knows the domination of Android on the smartphone market. A success that attracts consumers as much as evil intentions.
No comments:
Post a Comment