Hackers Sign Android Malware Apps with Compromised Platform Certificates
Platform certificates used by Android smartphone vendors like Samsung, LG, and MediaTek have been found to be abused to sign malicious apps
Stay updated on certificate-related infosec topics, including SSL/TLS, PKI, and digital certificate management for robust cyber security.
Search across headline titles and summaries.
Background for this topic.
Digital certificates are electronic documents that verify the ownership of a public cryptographic key by an individual, organization, or device. Issued by trusted Certificate Authorities (CAs) within a Public Key Infrastructure (PKI), certificates enable secure communication by confirming identities and supporting encryption protocols like TLS. They include information such as the subject’s name, public key, issuer, validity period, and digital signature from the CA.
Security concerns with certificates focus on risks like CA compromise or fraudulent issuance, which can allow attackers to impersonate legitimate entities and intercept or alter encrypted traffic. Expired or revoked certificates may cause connection failures or be exploited if clients do not properly validate them. Effective certificate lifecycle management—including timely renewal, revocation checking (via CRLs or OCSP), and monitoring for unauthorized certificates—is essential to maintaining trust and preventing man-in-the-middle attacks or unauthorized access.
Platform certificates used by Android smartphone vendors like Samsung, LG, and MediaTek have been found to be abused to sign malicious apps
Platform certificates used by Android smartphone vendors like Samsung, LG, and MediaTek have been found to be abused to sign malicious apps
'There is no evidence to suggest that TrustCor violated conduct, policy, or procedure' says biz Mozilla and Microsoft have taken action against a certificate authority accused of having close ties to a US military contractor that allegedly paid software developers to embed data-harvesting malware in mobile apps.…
Multiple platform certificates used by Android OEM device vendors to digitally sign core system applications have also been used to sign Android apps containing malware. [...]
Multiple platform certificates used by Android OEM device vendors to digitally sign core system applications were utilized by threat actors to sign apps containing malware. [...]
Free certificate authority serves over 300 million websites
Internet Security Research Group (ISRG), the nonprofit behind Let's Encrypt, says the open certificate authority (CA) has issued its three billionth certificate this year. [...]