E-Paper | April 29, 2026

99% of Android apps vulnerable to attackers without breaking signatures

Spider MagazineBilal Brohi Published July 5, 2013
comments
Whatsapp Channel

The Android operating system has been vulnerable to hackers for the past four years, allowing them to modify or manipulate any legitimate application and enabling them to transform it into a Trojan program.

These Trojan programs can further be used to steal data or take control of the OS.

Researchers at Bluebox Security, a mobile security startup firm in San Francisco, uncovered the flaw and will be addressing the issue in detail at the Black Hat USA security conference in Las Vegas in coming weeks.

The vulnerability identified by the Bluebox researchers effectively allows attackers to add malicious code to already signed application packages (APKs) without breaking their signatures.

When an application is installed and a sandbox is created for it, Android records the application's digital signature, said Bluebox Chief Technology Officer Jeff Forristal. All subsequent updates for that application need to match its signature in order to verify that they came from the same author, he said.

The vulnerability has existed since at least Android 1.6, code named Donut, which means that it potentially affects any Android device released during the last four years, the Bluebox researchers said in a blog post.

"Depending on the type of application, a hacker can exploit the vulnerability for anything from data theft to creation of a mobile botnet," they said.

Our readers are at the heart of everything we do.
Do you have a thought to share or a way we can improve? We’d love to hear it. Reach out to us at feedback@dawn.com.
Sci-Tech

The author is a technology writer and assistant editor for Spider magazine. He tweets @bilalbrohi.

Bilal Brohi

Read more

Zoya Bennet
Jul 08, 2013 09:25am
On my view, if you take any application or technological growth aspects there are chances to hack it and no wonder Android applications is also in this list. Despite of all these Android is holding the top position in market just because of the best features in it.
Recommend 0
Zoya Bennet
Jul 08, 2013 09:19am
On my view, if you take any application or technological growth aspects there are chances to hack it and no wonder Android applications is also in this list. Despite of all these Android is holding the top position in market just because of the best features in it.
Recommend 0

Most Popular

01
02
03
04
05
06
07
08
09

Latest Stories

Opinion

Editorial

Growth to stability
Updated 29 Apr, 2026

Growth to stability

THE State Bank’s decision to raise its key policy rate by 100 basis points to 11.5pc signals a shift in priorities...
Constitutional order
29 Apr, 2026

Constitutional order

FOLLOWING the passage of the 26th and 27th Amendments, in 2024 and 2025 respectively, jurists and members of the...
Protecting childhood
29 Apr, 2026

Protecting childhood

AN important victory for child protection was secured on Monday with the Punjab Assembly’s passage of the Child...
Unlearnt lessons
Updated 28 Apr, 2026

Unlearnt lessons

THE US is undoubtedly the world’s top military and economic power at this time. Yet as the Iran quagmire has ...
Solar vision?
28 Apr, 2026

Solar vision?

THE recent imposition of certain regulatory requirements for small-scale solar systems, followed by the reversal of...
Breaking malaria’s grip
28 Apr, 2026

Breaking malaria’s grip

FOR the first time in decades, defeating malaria in our lifetime is possible, according to WHO. Yet in Pakistan,...
Dawn News English Podcasts
Subscribe