This is the claim from Bluebox Security: that pretty much any Android device can be hacked and thus either be read or, even, be turned into part of a botnet:
The Bluebox Security research team – Bluebox Labs – recently discovered a vulnerability in Android’s security model that allows a hacker to modify APK code without breaking an application’s cryptographic signature, to turn any legitimate application into a malicious Trojan, completely unnoticed by the app store, the phone, or the end user.
The Android OS being widely known for being a quite open mobile operating system, it is open to hacks and threats from time to time, so you have to be careful when you install an update or an app.
There have been reports stating that Android devices of celebrities in India, Moscow, and Australia have been affected by a malware last month, but Google is working on a strong update that will be released in the next few days.
I have been using Android OS powered devices for the past 2 years and I have encountered issues once in a while when it comes to the security that is usually browser based, and only if there are third-party apps installed on the smartphone.
The implications are huge!
This vulnerability, around at least since the release of Android 1.6 (codename: “Donut” ), could affect any Android phone released in the last 4 years:
1 – or nearly 900 million devices
2– and depending on the type of application, a hacker can exploit the vulnerability for anything from data theft to creation of a mobile botnet.