A rumor reported that in making trusted malware apps it get access to the whole Android OS on devices from Samsung, LG, and other.
As per source Mishaal Rahman, Google’s Android Partner Vulnerability Initiative (APVI) has revealed a new vulnerability that affected Samsung, LG, Xiaomi, and others. The fact that multiple Android OEMs’ platform signing keys have been leaked outside of their respective purpose, is the main issue. This key is used to verify that the Android version on your device is genuine and made by the manufacturer. Individual applications can also be signed with the same key.
Add Realmicentral to your Google News feed. Â 
Any app signed with the same key used to sign the operating system itself is trusted by Android by design. Using Android’s shared user ID system, a malicious attacker with those app signing keys could give malware full system-level permissions on an affected device.
Android vulnerability doesn’t just occur when installing an unknown app. An attacker could add malware to a trusted app, and sign the malicious version with the same key, and Android would trust it as an update because these leaked platform keys are also sometimes used to sign common apps, such as the Bixby app on at least some Samsung phones. This approach would be effective regardless of whether an application was sideloaded, or downloaded from the Play Store, or the Galaxy Store.
While the hash of some example malware files is shown in Google’s public reveal, it does not specify which OEMs or devices were affected. Fortunately, each file has been uploaded to VirusTotal, which frequently reveals the affected company’s name.
Here, below mentioned some company’s names whose keys leaked:
- Samsung
- LG
- Mediatek
- szroco (makers of Walmart’s Onn tablets)
- Revoview
Finally, Google described the short way, these companies’ keys are leaked so they have to remove these keys from the devices. This can save other apps and data of the devices.
