Displaying items by tag: Andorid

Remember how everyone was up in arms over the existence of a “Master Key” bug that existed in all versions of the Android operating system? Well it looks like someone has found a way to use the flaw to their advantage. Symantec has found two apps (available in China) that use the Master Key flaw to spread a new form of malware. To give a little background the original flaw was publicly disclosed by Bluebox security on the 3rd of July 2013. It was reported to Google in February 2013. The flaw allows a malicious individual (or group) to alter an application without affecting the apps cryptographic signature. This means that the app looks exactly like a legitimate app bypassing the security at the app store and the phone level.