Discovered Security Flaw May Affect 99% Of Android Users

  • Existed since Android 1.6
  • Android Master Key
  • Cryptographic signature

A vulnerability in Android’s security model was recently discovered by Bluebox Labs that reportedly puts 99% of Android users at risk from malicious software that may infect their devices.

  • Existed since Android 1.6
  • Android Master Key
  • Cryptographic signature

A vulnerability in Android’s security model was recently discovered by Bluebox Labs that reportedly puts 99% of Android users at risk from malicious software that may infect their devices.

According to BlueBox CEO Jeff Forristal, the vulnerability allows hackers to modify any legitimate APK file without breaking its cryptographic signature and turn it to a malicious Trojan that can be completely installed on an Android device without detection, effectively giving hackers and malware creators a master key to the Android operating system.

Moreover, researchers from Bluebox added that the security flaw has existed since Android 1.6 (Donut) and remains into the OS up to now. Bluebox claims that they have already notified Google about the exploit last February but at the moment, the only device that appears to be immune from the exploit is the Samsung Galaxy S4.

Google hasn’t provided any comment about the purported security bug but we do hope that the company as well as its manufacturer partners would distribute timely security patches that would resolve this issue.

Leave a Reply