Check Point, the company that disclosed the Certifi-gate vulnerability a few weeks ago, has published a blog post with further analysis of the problem. The security researchers report that an app called Recordable Activator was exploiting the vulnerability, using TeamViewer's plugin to gain system-level access and record the screen. The app has now been removed from Google Play, although Check Point claims it had somewhere between 100,000 and 500,000 downloads before that point.
The security company provides an application that tests whether a device is vulnerable and collects anonymous data. It's important to make a distinction: a "vulnerable device" is exploitable only if the user installs a remote support plug-in, while one that's both vulnerable and has a plug-in installed is far easier prey. Only 42.1% of scanned devices are considered clean, and a further 42.1% are vulnerable but unaffected. Of the 15.8% of devices that are vulnerable and have a remote support plug-in installed, 0.1% are under active exploit.
The company also provides a breakdown by manufacturer. Sony's devices fared well with a 99% clean rating, but the same can't be said for Samsung and HTC. Only 14.8% and 5% of devices from those manufacturers are considered safe, respectively. LG was the worst by far—only 8.6% of its devices are clean, and a whopping 72.4% have a vulnerable remote support plug-in installed.
Check Point also provides mitigation guidelines. For devices under active exploit or that have a vulnerable plug-in installed, it's recommended that users disable remote support services in Android's app management. For devices that are are vulnerable but don't yet have remote support apps, users are advised to avoid installing them, and run Check Point's scanner app afterwards if they do.
As a final note, Check Point is pretty clear on the patching situation for this vulnerability: the company says "as far as we know today, no device manufacturers have delivered a patch."
|Updated LG Gram laptops put heavy-duty power into feathery bodies||4|
|Antec P110 Silent touts quiet looks and quiet operation||1|
|Monkey Day Shortbread||7|
|Thursday deals: a nice Z370 mobo, a huge VA display, and more||0|
|Samsung's Notebook 9 portables rock eighth-gen Core i7s||3|
|Rumor: Ryzen 2 set for Q1 2018 and a Fenghuang APU breaks cover||43|
|TR's 2017 Christmas giveaway: eight days left and counting||8|
|MSI gives Radeon RX Vega cards an Air Boost||22|
|Corsair's latest SO-DIMM kit takes 32 GB of DDR4 to 4000 MT/s||8|
|Full disclosure: while I work for Intel; the opinions I express here are my own I think I understanding the issue you ran into. For the Braswell platf...||+37|