Certifi-gate is the name given to a new vulnerability discovered in the platform Android that runs on hundreds of millions of smartphones and tablets around the world, allowing hackers to take total control over the operating system.
Discovered by a company specialized in computer security called Check Point, the vulnerability Certifi-gate affects the manufacturers' smartphones and tablets Samsung, LG, HTC, ZTE, Huawei and not only that, but the basis is a problem that cannot be solved by users.
Certifi-gate is based on a problem Remote Support which allows hackers to use manufacturers' certificates to take control of the operating system Android and see everything that users do in their own terminals, all without them knowing.
Because vulnerability Certifi-gate in order to be exploited, it is necessary for the users to install an application in the terminals and run it, so we are not talking about a problem that involves hacking the terminals remotely without the user actually taking an action.
Google confirmed the existence of the Certifi-gate vulnerability and stated that the problem lies with the manufacturers of mobile terminals and not necessarily with Android, because it is based on the wrong implementation of Remote Support and the use of manufacturer certificates to take control of the devices.
Considering that manufacturers of Android smartphones and tablets have to update their operating system versions, solving the problem will take some time and will not even be available to everyone, considering that old terminals have little support.
On the other hand, the possibility of a user installing an application that exploits the Certifi-gate vulnerability is quite small, because applications of this kind will not reach Google Play, so only installing applications from unknown third-party stores can put users in danger at the moment.
