These past few days, Android has been in the spotlight since it was found a vulnerability in its security model, which could have affected nearly 900 million Android devices from the past four years. This vulnerability has affected mobile phones since the version 1.6 but has now been solved. A report in CIO said that Google has modified the Play Store’s app entry process and apps which used this exploit are blocked and can no longer be distributed.
What does this vulnerability consisted of? If you’re a hacker, you could have transformed a normal app into a malicious Trojan just by modifying the APK and without breaking the app’s cryptographic signature. That means the user would not know the app had changed and the hacker would be able to attack the phone easily. If the target of the hacker was a sub-set of apps developed by device creators or people that worked with them, the hacker would even be able to steal passwords and other important data.
Android has always been a big target for mobile malware because of its popularity and not being as locked down as other platforms. However, this problem might not be of great importance if you’re an average Android user getting the apps from Google Play, rather than other marginal stores.
Read From Source: Android's Security Hole Is Now Solved