Windows Malware in Android Apps? Hundreds of Play Store Apps infected

Posted on August 7, 2018 at 11:29 AM

Windows Malware in Android Apps? Hundreds of Play Store Apps infected

One of the largest network security companies in the nation, Palo Alto Networks, has confirmed that more than 140 downloadable apps on the Play Store powered by Google were infected with malign Microsoft Windows PE files. Quite a few of those infected apps were shown to have thousands of downloads and are rated with 4 Stars.

The Good News

The viruses are meant for systems running Windows, which means your Android is most likely not infected. Unfortunately, if you’ve connected your Android device to a Windows PC and downloaded the source code to execute the portable executable file within, then you could almost bet that your device is infected.

A Palo Alto Networks researched blogged:

These embedded Windows executable binaries can only run on Windows systems: they are inert and ineffective on the Android Platform. The fact that these APK files are infected indicates that the developers are creating the software on compromised Windows systems that are infected with malware.

Not-So-Good News

As Palo Alto Networks stated above, the simple fact that Google Play Store allowed apps that contained malicious malware is no good. Software developer “Odieapps” doesn’t seem to be monitoring the security side of apps, which is also something to be concerned about.

Statements have been made by researchers that these types of bugs have the potential to threaten the software stock chain as a whole. They claim that the infections open the door for larger-scale attacks to be made, referencing the NotPetya and KeRanger malware as examples.

The Apps and Their Bugs

Though it is true the apps were shown to contain several different types of bugs designated for Windows systems, almost all of them contained the Windows keylogger infection. The malware bugs were loaded as PE files Though the malware bugs had been created by different developers, a certain PE file had been found hidden within the source code of all but 3 of the 145 infected apps.

According to researchers, the only reason the malware and keylogger were ever able to infiltrate the apps was that the application developers had unknowingly developed the apps on an already infected OS (Operating System).

Here are a few of the apps that were infected:

  • Baby Room
  • Yoga Meditation
  • Unique Graffiti
  • Papa Flower
  • Gymnastics

The infected Play Store applications were uploaded in 2017 during the months of October and November, a one-month time frame. The apps were available to be downloaded for as long as 6 months before any red flags were raised. Google immediately pulled the apps from the Play Store once Palo Alto Networks released their findings.

Summary
Windows Malware in Android Apps? Hundreds of Play Store Apps infected
Article Name
Windows Malware in Android Apps? Hundreds of Play Store Apps infected
Description
One of the largest network security companies in the nation, Palo Alto Networks, has confirmed that more than 140 downloadable apps on the Play Store powered by Google were infected with malign Microsoft Windows PE files.
Author
Publisher Name
Koddos
Publisher Logo

Share this:

Related Stories:

Newsletter

Get the latest stories straight
into your inbox!

YOUTUBE

Discover more from KoDDoS Blog

Subscribe now to keep reading and get access to the full archive.

Continue reading