Google researcher reports that certificates signing keys of Samsung, LG, Mediatek and many other OEMs were leaked.
Lukasz Siewierski, member of Google's Android Security Team, he published στον issue tracker του Android Partners Vulnerability Initiative (AVPI) κλειδιά πιστοποιητικών της πλατφόρμας που διέρρευσαν και χρησιμοποιούνται για την υπογραφή κακόβουλου λογισμικού.
The post is a list of certificates, but if you run each of them through the APKMirror or the website VirusTotal of Google well-known names will appear: h SamsungThe LG and Mediatek are the big hits on the list of leaked certificates, along with some smaller OEMs like Revoview and Szroco, maker of Walmart's Onn tablets.
Ο Senior Technical Editor Mishaal Rahman, also posted excellent information for the specific leak on Twitter.
As he explains, having a application that has the same UID as Android's system isn't quite root access, but it's close and allows that app to escape any sandboxing restrictions that exist for system apps.
These apps can communicate directly with (or, in the case of malware, spy on) other apps on phone your. Imagine a malicious version of Google Play Services to get an idea.