How do you know that an APK signature is not a fake?
What is to stop somebody unpacking an APK, inserting malicious code, repacking the APK, and signing it with a new key that simply copies all of the fields from the original publishers key (company name, locations, etc...)? Obviously it is...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.