Facepalm: Like any other modern operating system, Android’s design employs a “privilege” based model. Such model is enforced by digital certificates, and it can become quite troublesome when the certificates are compromised somehow.
An undefined number of Platform digital certificates for Android were compromised by cyber-criminals and have been used to sign malware. First disclosed in November, the issue seems to be resolved now thanks to the aforementioned certificates’ revocation, but the risk still persists as attackers will continue to go after this type of access.