Security firm claims 99 percent of Android apps open to takeover

Researchers from Bluebox Security claim to have discovered a vulnerability in Android’s security model that could allow attackers to convert 99 percent of all applications into a trojan. According to Bluebox Security CTO Jeff Forristal, who made a very high-level post on the company’s blog on how the vulnerability works, applications could be modified to do things like steal data or connect to a botnet and go completely unnoticed by the app store, phone, and end user. “This vulnerability, around at least since the release of Android 1.6, could affect any Android phone released in the last four years — or nearly 900 million devices.