More malware is now using the Android Master Key vulnerability to take advantage of unsuspecting users.
Two other security firms, Symantec and Trend Micro, have already found such malware, and now Sophos has discovered applications that take advantage of the hole.
The Sophos researchers analyzed three files. Two of them, designed to collect data on installed applications, SMS messages and IMSI numbers, and to send SMS messages to a list of numbers in China, don’t work because the modifications made by the cybercriminals have invalidated the APK.
But the third sample, which presents itself as an add-on called “Fashion” for the picture-based messaging application Lexin, does work. It steals data and sends out SMS messages from the infected devices.
Experts advise users to protect themselves against such malicious apps by downloading applications only from Google Play.
Most mobile antivirus products have now been updated to detect applications that exploit the “master key” vulnerability, so installing a security application is highly recommended.