Leaked Signing Keys Are Being Used to Sign Malware
Schneier on Security
DECEMBER 8, 2022
A bunch of Android OEM signing keys have been leaked or stolen, and they are actively being used to sign malware. This is a huge problem. The whole system of authentication rests on the assumption that signing keys are kept secret by the legitimate signers.
Let's personalize your content