Google last week (June 6) confirmed that cyberthieves had managed to pre-install malware into the Android framework backdoor. In short, the malware appeared to be blessed by Google at the deepest point within Android.
“In the Google Play app context, installation meant that [the malware] didn’t have to turn on installation from unknown sources and all app installs looked like they were from Google Play,” wrote Lukasz Siewierski, of the Android security and privacy team, in a blog post. “The apps were downloaded from the C&C server and the communication with the C&C was encrypted using the same custom encryption routine using double XOR and zip. The downloaded and installed apps used the package names of unpopular apps available on Google Play. They didn’t have any relation to the apps on Google Play apart from the same package name.”
Click here for original story, That malware with its own backdoor into Android’s framework? Don’t worry Google’s on it. (Gulp!)
Source: Computer World