On March 24, we released the details of a vulnerability impacting millions of Android devices that allows an attacker to modify applications during the installation process. At that time we also released a scanner application that allowed users to determine whether their phone or tablet contained the vulnerability.
As with many newsworthy events, a few enterprising attackers have capitalized on this vulnerability and have released imposter scanner applications that infect the devices of unsuspecting users with malware. The activity does not appear to be widespread, but we remind our readers that the only legitimate places to retrieve the scanner are:
Other sources purporting to provide the same scanner application may not be trustworthy.