A recent report warned that Samsung and LG smartphones are at risk of malware attacks, due to a leaked Android certificate.
Android’s certification has been leaked online, exposing millions of devices to malware attacks, according to the report published on Gizmochina.
In addition to Samsung and LG phones, all smartphones with MediaTek chips are also at risk of being attacked by this malware.
Malicious parties can use the leaked Android certificate to install malware on users’ smartphones.
Hostile actors can also introduce malware without the knowledge of Google, the phone manufacturer, or the app developer.
Theoretically, the attacker could install the malware while posing as a legitimate software update if users downloaded the update from a third-party website.
The Android security team has already notified the affected companies about the issue.
Google also advised affected phone companies to rotate the platform’s certificate, by replacing it with a new set of public and private keys.
The report indicated that Samsung had been aware of the problem for some time, and had addressed the security vulnerability.