In 2013, Bluebox Security announced that they had found a bug in Android that could be used to modify the contents of any application package (including ones distributed as part of the system software) without affecting the attached cryptographic signatures; details to be disclosed at Black Hat USA 2013. I don't want to explain in detail as this site explain it well: http://www.computerworld.com/article/2483525/security0/android-flaw-lets-attackers-modify-apps-without-breaking-signatures.html
However there was no news if it has been fixed. I find that there is really an app "Xmodgames" which is exactly doing the same thing.After granting it root permissions It modifies game files without breaking its signature.
You can't update that app automatically from play store once its signature get broken right? I assumed the same thing but even if xmodgames applies the mod on a game you can still update that game from play store. It means that it keeps the signature intact. Has it not really been fixed till yet?