Compromised Android platform certificate keys from device makers including Samsung, LG and Mediatek are being used to sign malware and deploy spyware, among other software nasties.
Googler Łukasz Siewierski found and reported the security issue and it’s a doozy that allows malicious applications signed with one of the compromised certificates to gain the same level of privileges as the Android operating system — essentially unfettered access to the victim’s device.
Also in the alert, Google listed 10 malware samples and related SHA256 hashes, and recommended all affected smart-device vendors rotate their platform certificates.
Read more about this at theregister.com