Google-Play-8415-AH-1

App Found Within Google Play Contains Certifi-Gate

August 26, 2015 - Written By Dennis Patrick

As Android owners, we’ve been dealing with some unpleasant news lately. There were announcements recently of a harmful bug exploit known as Stagefright. For those unaware, Stagefright is a bug that could access Android running smartphones through an MMS. While most Android users are fully aware of the exploit, there are still some manufacturers dealing with the bug and patching up their handsets to prevent their users from dealing with this inconvenience. Even more recently, we’re learning of Certifi-gate, yet another exploit that can be harmful by taking control of your device.

We recently covered Certifi-gate, again for those unaware, Certifi-gate can exploit your device by accessing your handset’s screen and actions. The exploit is even noted that several big name manufacturers are prone for receiving the bug with some of the OEM’s on that list being LG, Samsung, and HTC. However, what’s more, worrisome about this particular exploit is that the bug can’t be removed by simply uninstalling the infected application. Instead, the only way for consumers to rid their handset of the infection is by installing an update provided by their manufacturer. There’s no bug that’s ideal to have on your smartphone, but it seems that Certifi-gate is one that’s becoming more inconvenient for both consumer and OEM.

While Google does a decent job at detecting what applications are potentially harmful to your smartphone and blocking them from Google Play, we’re getting word of one app already bypassing the scans and infecting smartphone users. This application is known as Recordable Activator, an application that promises consumers that it will be able to record your smartphone display without having to root your device. Apparently the application uses a plug-in from a vulnerable version of TeamViewer to send off the exploit. Because Android already considers the TeamViewer plug-in as trustworthy, the developer Invisibility Ltd was able to easily get the application approved and listed within the Google Play marketplace.

Recordable Activator has since been taken down from Google Play and Google is investigating the issue. As for TeamViewer, they admit that the application is using their plug-in but in violation to their code as the plug-in is not allowed for use with any third parties. We’re interested in seeing if there are any other applications with the exploit present. For now it’s best that you avoid downloading and installing applications that are not trustworthy and you’ll want to keep a look out for any updates or security patches sent directly from your OEM.