A serious Android security vulnerability dubbed Janus could allow attackers to modify the code in applications without affecting their signatures. Attackers could then use the technique to gain indirect access to the device.
The Janus vulnerability (CVE-2017-13156) was first reported by GuardSquare back in July. Google recently patched it, and the fix is included in Google’s December Android Security Bulletin.
The flaw affects versions of Android from 5.1.1 to 8.0.
Researchers at Trend Micro recently spotted at least one app in the wild that used this vulnerability to make itself more difficult for mobile security apps to detect.
The malicious app was at one time disguised as a junk cleaner and has since morphed into a news app.
Read the full report for more details on the Janus threat.