Certifi-gate is alive, well, and hiding in a Google Play-approved app
Certifi-gate, the Android-related security hole found by Check Point, is now out in the wild. Worse still, Check Point claims it's hiding in a Google Play approved application: Invisibility Ltd.'s Recordable Activator.
TeamViewer has fixed the Certifi-gate hole. According to the company, "The updated version of TeamViewer QuickSupport for Android includes an improved security mechanism to ensure safe communication between internal app components. This enhancement prevents potential misuse of the QuickSupport app and its Add-On on compromised devices." Recordable Activator, because it's built around an older version of the program, is vulnerable to attacks that can record whatever's on your screen.
Check Point asserts that TeamViewer claims "the way this app uses its plug-in is a violation of the code's use and that it does not allow any third parties to use their code." What's happened is that Invisibility enabled Recordable Activator to record the screen without root access by taking advantage of an older TeamViewer user module's Certifi-gate security hole.
Security
Invisibility disagrees. According to a PC World report, Recordable Activator's creator Christopher Fraser had discovered the flaw in April 2015. He used it because it made recording the screen much easier and TeamViewer explicitly allowed its customer modules to be used with third-party software.
While they argue about who's responsible for enabling Certifi-gate attacks, users should be cautious. If you're one of the 100 to 500-thousand users who've downloaded Recordable Activator, you should uninstall it immediately. It's certain to be attacked by zero-day hackers.
Google removed Recordable Activator from the Play Store on August 25th. The program is still available on third-party Amazon app stores. It can also be found under a different name on the Amazon app store as EASY screen recorder.
Related Stories: