Finally, Android platform is no longer immune from hacking. Bluebox Security has found a vulnerability in Android platform which could allow hackers to turn virtually any Android app into a malicious “zombie”. This would allow hackers to silently and remotely control a device's function, without raising the attention of the phone owner, Google or the app developer. This vulnerability dates back to Android 1.6 and could affect any of the 900 million Android devices in the market.
BlueBox Security's CTO Jeff Forristal revealed the company found a method by which a hacker could modify an app’s APK code without breaking the cryptographic signature used to authenticate it. Since verified apps are granted complete access to the Android system and all applications on a phone, the security weakness is potentially huge.
Forristal also mentioned that Apps listed on the Google Play store are immune from this tampering. This is yet another reason to stick to official apps stores for downloads.
A report from Juniper released last month claimed that mobile malware is an increasingly profit-driven business. The research firm estimates that the number of malicious mobile malware jumped 614% between March 2012 and March 2013 to account for more than 250,000 apps.