Researches at Bluebox Security have discovered a vulnerability in Android core from version 1.6 (Donut). This means that almost all Android devices are vulnerable. The numbers are huge, it is about a billion devices. Apparently Samsung knew about this and its flagship, Galaxy S4, is patched and safe from this vulnerability. Bluebox will reveal details of this security hole during the Black Hat USA conference. To understand how serious this vulnerability is, a hacker can modify any application without breaking its cryptographic signature. He can turn an original application into a virus, trojan or any other kind of malware without us even knowing. Android uses this signature to verify and install an app so imagine how easy it is to hackers to install an apparently legitimate app with their malicious code. Be very careful on what you install and don’t accept anything free!

Most Android devices are at risk