Slashdot Mirror

← Back to Stories (view on slashdot.org)

Many Android Users Susceptible To Plug-In Exploit -- And Many Of Them Have It

Posted by timothy on from the disheartening-news dept.

Ars Technica reports that a recently reported remote access vulnerability in Android is no longer just theoretical, but is being actively exploited. After more than 100,000 downloads of a scanning app from Check Point to evaluate users' risk from the attack, says Ars, In a blog post published today, Check Point researchers share a summary of that data—a majority (about 58 percent) of the Android devices scanned were vulnerable to the bug, with 15.84 percent actually having a vulnerable version of the remote access plug-in installed. The brand with the highest percentage of devices already carrying the vulnerable plug-in was LG—over 72 percent of LG devices scanned in the anonymized pool had a vulnerable version of the plug-in.

3 of 61 comments (clear)

  1. "infinitesimal percentage of devices". For remote by raymorris · · Score: 3, Insightful

    The article states it "discovered installed on an infinitesimal percentage of devices". These are devices with TeamViewer installed, an application DESIGNED to allow someone to remotely control your device over the network.

    If you install TeamViewer on Windows, people can take over your machine over the internet. If you install TeamViewer on Mac, people can take over your machine over the internet. That's what it's designed for. Therefore, from a security perspective TeamViewer is a very bad idea.

    It's no surprise that an application designed to give someone else full control of your machine is imperfect, and therefore can sometimes allow full access by someone who shouldn't have access.

  2. That is so cool by piojo · · Score: 4, Insightful

    > Check Point researchers found an app that is actively exploiting the vulnerability. A tool called “Recordable Activator” from UK-based Invisibility Ltd is advertised as an “EASY screen recorder” that doesn’t require root access to the device. But in fact once installed from the Google Play store, the app downloads a vulnerable version of the TeamViewer plug-in from another source... "“it’s [the plug-in] considered trusted by Android, and is granted system-level permissions. From this point ‘Recordable Activator’ exploits the authentication vulnerability and connects with the plug-in to record the device screen.”

    Am I the only one that thinks this is incredibly cool? It's not clear to me whether this is exactly the same thing as a root exploit, but some screen recording app developers figured out they could hijack an old version of a well-known app that can do screen recording. This is just a beautiful hack.

    But I didn't think having system-level permissions was enough to root a device. And furthermore, does this hack let you do arbitrary actions, or only the actions that the plugin would do?

    --
    A cat can't teach a dog to bark.
  3. Check Point = Mossad by Anonymous Coward · · Score: 2, Insightful

    Who the hell would voluntarily install software from Check Point on their phone?!?