Android Master Key Bug Makes Your Android Devices Vulnerable To Malwares

Android Master Key Bug Makes Your Android Devices Vulnerable To Malwares

Would you share this Article with others?

The Android "Master Key" bug or vulnerability, discovered by mobile security company, BlueBox, makes your Android devices vulnerable to malware attacks. The "Master Key' bug or vulnerability is a software flaw in the Android operating system (OS) that is responsible for protecting the device against malicious applications.

The vulnerability allows a hacker to modify a legitimate application, turning it into to malicious program called a Trojan.  A hacker does this by modifying the legitimate application’s APK code without breaking the cryptographic signature, thereby, making the hacked application, turned into a malicious Trojan, completely unnoticed by the App Store, the device, or the phone's end user.

Android uses the APK code / cryptographic signature to determine if an application is legitimate and to verify that the application has not been tampered with or modified.

With the malicious Trojan installed on an Android device, it will have access to the Android operating system features and applications. This will allow the Trojan to access data on the device, which includes: emails, SMS messages, documents, stored accounts and passwords.

Also, the Trojan can take control of the device, which will allow it to: make phone calls, send SMS messages, turn on camera, and record phone calls.

BlueBox has released a free application to check if your Android device has any malicious applications installed that can take advantage of the "Master Key" vulnerability. This program can also determine if your Android device has been patched for this “Master Key” vulnerability and provides you with the necessary steps to take, to help protect your device against this threat.

This free application is available at Google Play and Amazon AppStore.

Click on one of the following links to download and install the application:

To prevent your Android device from getting infected with a malware due to the “Master Key” vulnerability, avoid downloading applications (apps) from untrustworthy or suspicious websites.

For Frequently Asked Questions (FAQ) about the "Master Key" bug or vulnerability, click here.

For more information about the "Master Key" bug or vulnerability, click here.

Note: Some of the names, addresses, email addresses, telephone numbers or other information in samples on this website may have been impersonated or spoofed.

Please share what you know or ask a question about this article by leaving a comment below. Check the comment section below for additional information, if there is any. Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: And, report missing persons, scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent. Also, to quickly find answers to your questions, use our search engine.

You can help maintain Online Threat Alerts (OTA) by paying a service fee. Click here to make payment.

Comments, Questions, Answers, or Reviews
There are no comments as yet, please leave one below or revisit.

To help protect your privacy, please do not post or remove, your full name, telephone number, email address, username, password, account number, credit card information, home address or other sensitive information in or from your comments, questions, or reviews.

Write Your Comment, Question, Answer, or Review
Write your comment, question, answer, or review in the box below to share what you know or to get answers. NB: We will use your IP address to display your approximate location to other users.
Your comment, question, answer, or review will be posted as an anonymous user because you are not signed in. Anonymous posts cannot be edited or deleted. Sign-in.

Android Master Key Bug Makes Your Android Devices Vulnerable To Malwares