Certifi-Gate: Front-Door a Access to Pwning Millions of Androids

by Ohad Bobrov, Avi Bashan
Sept. 18, 2017 1 comment www.blackhat.com belen_caty Pen Testing & Audits

In this session, Lacoon researchers will walk through the technical root cause of these responsibly-disclosed vulnerabilities including hash collisions, IPC abuse and certificate forging which allow an attacker to grant their malware complete control of a victims device. We'll explain why these vulnerabilities are a serious problem that in some ways can't be completely eliminated, show how attackers exploit them, demonstrate an exploit against a live device, and provide remediation advice.


Steven Ulm 6 months ago

Good title, good article :) Thanks for sharing it with us !