Blog: First Malicious Use of "Master Key" Android Vulnerability Discovered

Earlier this month, we discussed the discovery of the Master Key Vulnerability that allows attackers to inject malicious code into legitimate Android applications without in-validating the Digital Signature. We expected the vulnerability to be leveraged quickly due to ease of exploitation, and it has.

 

- Blog: First Malicious Use of "Master Key" Android Vulnerability Discovered