• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • April 13th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Security
Malware

Hundreds of Android apps on Play Store infected with Windows malware

August 2nd, 2018 Uzair Amir Security, Malware 0 comments
Hundreds of Android apps on Play Store infected with Windows malware
Share on FacebookShare on Twitter

Yes, malware in Android apps aimed at Windows devices.

Palo Alto Networks’ researchers have made a startling new discovery that nearly 145 applications available on the Google Play Store contain malicious Microsoft Windows executable files. Some of the malware-infected apps have been downloaded over a thousand times and display 4-star ratings.

The malicious code cannot infect Android devices because it requires a Windows system to be executed. The only way Android users can get their devices infected is if they connect their phones to a Windows computer and download any of the infected app’s source code to run the PE file hidden inside.
However, the very fact that these infected apps are available on the official Google Play Store is indeed concerning. Moreover, it indicates that software developer ‘odieapps’ isn’t paying enough consideration to the security aspect of the apps.

In a blog post, Palo Alto Networks researcher wrote:

“These embedded Windows executable binaries can only run on Windows systems: they are inert and ineffective on the Android platform. The fact that these APK files are infected indicates that the developers are creating the software on compromised Windows systems that are infected with malware.”

Researchers claim that such an infection is actually threatening to the entire software supply chain because it opens the gate for a wider attack scale for KeRanger and NotPetya sort of malware. Some of the malicious apps include:

  • Men’s Design Ideas
    Gymnastics Training Tutorial
    Learn to Draw Clothing
    Modification Trial
    Hair Paint Color

A majority of these apps contained Windows keylogger whole researchers claim that all the apps were infected with different types of Windows malware strains and were packed as Portable Executable files (PE). Some of the apps contain different malware infections and were developed by different developers. It was discovered that a specific PE file was present in the source code of 142 apps.

Hundreds of Android apps on Play Store infected with Windows malware

Apps marked in red contained Windows keylogger

It is also stated that the malware strains and the keylogger all found their way into the apps only after the app developers got infected with the malware, such as were developed on an infected OS.
“The fact that these APK files are infected indicates that the developers are creating the software on compromised Windows systems that are infected with malware,” researchers wrote.

These apps were uploaded to the Play Store between Oct 2017 and Nov 2017.

Another concerning fact is that the infected apps have remained on Google Play for more than 6 months, which means these stayed undetected by Google for so long. However, after it was reported by Palo Alto Networks, Google removed all the infected apps from its official Play Store.

  • Tags
  • Google
  • keylogger
  • Malware
  • Play Store
  • security
  • Windows
Facebook Twitter LinkedIn Pinterest
Previous article Notorious hacking group Fin7’s 3 main hackers arrested by the FBI
Next article ZombieBoy cryptomining malware exploits CVEs to evade detection
Uzair Amir

Uzair Amir

I am an Electronic Engineer, an Android Game Developer and a Tech writer. I am into music, snooker and my life motto is 'Do my best, so that I can't blame myself for anything.'

Related Posts
Researcher release PoC exploit for 0-day in Chrome, Edge, Brave, Opera

Researcher release PoC exploit for 0-day in Chrome, Edge, Brave, Opera

6-year-old Moodle flaw exposed millions to account takeover attack

6-year-old Moodle flaw exposed millions to account takeover attack

Scraped data of 1.3 million Clubhouse users published online

Scraped data of 1.3 million Clubhouse users published online

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Researcher release PoC exploit for 0-day in Chrome, Edge, Brave, Opera
Security

Researcher release PoC exploit for 0-day in Chrome, Edge, Brave, Opera

ShinyHunters dump partial database of broker firm Upstox
Hacking News

ShinyHunters dump partial database of broker firm Upstox

6-year-old Moodle flaw exposed millions to account takeover attack
Security

6-year-old Moodle flaw exposed millions to account takeover attack

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us