Android Developers Conference 28 june 2012. — Reuters Photo
Android Developers Conference 28 june 2012. — Reuters Photo

The Android operating system has been vulnerable to hackers for the past four years, allowing them to modify or manipulate any legitimate application and enabling them to transform it into a Trojan program.

These Trojan programs can further be used to steal data or take control of the OS.

Researchers at Bluebox Security, a mobile security startup firm in San Francisco, uncovered the flaw and will be addressing the issue in detail at the Black Hat USA security conference in Las Vegas in coming weeks.

The vulnerability identified by the Bluebox researchers effectively allows attackers to add malicious code to already signed application packages (APKs) without breaking their signatures.

When an application is installed and a sandbox is created for it, Android records the application's digital signature, said Bluebox Chief Technology Officer Jeff Forristal. All subsequent updates for that application need to match its signature in order to verify that they came from the same author, he said.

The vulnerability has existed since at least Android 1.6, code named Donut, which means that it potentially affects any Android device released during the last four years, the Bluebox researchers said in a blog post.

"Depending on the type of application, a hacker can exploit the vulnerability for anything from data theft to creation of a mobile botnet," they said.


Do you have information you wish to share with Dawn.com? You can email our News Desk to share news tips, reports and general feedback. You can also email the Blog Desk if you have an opinion or narrative to share, or reach out to the Special Projects Desk to send us your Photos, or Videos.

More From This Section

Comments (2) Closed


Zoya Bennet
Jul 08, 2013 09:25am

On my view, if you take any application or technological growth aspects there are chances to hack it and no wonder Android applications is also in this list. Despite of all these Android is holding the top position in market just because of the best features in it.

Zoya Bennet
Jul 08, 2013 09:19am

On my view, if you take any application or technological growth aspects there are chances to hack it and no wonder Android applications is also in this list. Despite of all these Android is holding the top position in market just because of the best features in it.