Platform certificates used by Android smartphone vendors like Samsung, LG, and MediaTek have been found to be abused to sign malicious apps.
The findings were first discovered and reported by Google reverse engineer Łukasz Siewierski on Thursday.
"A platform certificate is the application signing certificate used to sign the 'android' application on the system image," a report filed through the Android Partner Vulnerability Initiative (AVPI) reads.
"The 'android' application runs with a highly privileged user id – android.uid.system – and holds system permissions, including permissions to access user data."
Read more here : Hackers Sign Android Malware Apps with Compromised Platform Certificates (thehackernews.com)