Google Play apps infected with Windows executable files
Gadgets Now Bureau | Aug 4, 2018, 07:00AM IST
Google Play Store has become a platform for yet another malware.
According to a report by Palo Alto Networks, 145 apps on the Google Play Store have been spotted with malicious Microsoft Windows executable files instead of malicious IFrames.
Since the issue was reported to Google, it has taken down the apps from its Play Store.
Despite the malware, these apps are said to be harmeles for the Android mobile operating system "as these embedded Windows executable binaries can only run on Windows systems: they are inert and ineffective on the Android platform." One probable reason for this malware has been stated that the "developers are creating software on compromised Windows systems that are infected with malware." Even though the same developers offer both infected and non-infected apps on Google Play.
As per the report, these infected apps were released from October 2017 to November 2017 on Google Play. This means that these apps have been on Play Store for more than six months. Out of these infected apps, quite a few have more than 1,000 installations and 4-star ratings.
The list of infected apps include “Learn to Draw Clothing”, an app that teaches people how to draw and design clothing; “Modification Trail”, an app that shows images of trail bike modification ideas; “Gymnastics Training Tutorial”, an app that lets people find healthy ideas for gymnastic moves.
"Among these infected apps, one APK file may contain multiple malicious PE files at different locations, with different file names. However, there are mainly two PE files embedded across all of the infected apps," explains the report.
As mentioned above, even though these apps cannot directly run on the Android hosts, the situation will go much worse "if the APK file is unpacked on a Windows machine and the PE files are accidentally executed, or the developers also issue Windows-based software, or if the developers are infected with malicious files runnable on Android platforms."
According to a report by Palo Alto Networks, 145 apps on the Google Play Store have been spotted with malicious Microsoft Windows executable files instead of malicious IFrames.
Since the issue was reported to Google, it has taken down the apps from its Play Store.
Despite the malware, these apps are said to be harmeles for the Android mobile operating system "as these embedded Windows executable binaries can only run on Windows systems: they are inert and ineffective on the Android platform." One probable reason for this malware has been stated that the "developers are creating software on compromised Windows systems that are infected with malware." Even though the same developers offer both infected and non-infected apps on Google Play.
As per the report, these infected apps were released from October 2017 to November 2017 on Google Play. This means that these apps have been on Play Store for more than six months. Out of these infected apps, quite a few have more than 1,000 installations and 4-star ratings.
The list of infected apps include “Learn to Draw Clothing”, an app that teaches people how to draw and design clothing; “Modification Trail”, an app that shows images of trail bike modification ideas; “Gymnastics Training Tutorial”, an app that lets people find healthy ideas for gymnastic moves.
"Among these infected apps, one APK file may contain multiple malicious PE files at different locations, with different file names. However, there are mainly two PE files embedded across all of the infected apps," explains the report.
As mentioned above, even though these apps cannot directly run on the Android hosts, the situation will go much worse "if the APK file is unpacked on a Windows machine and the PE files are accidentally executed, or the developers also issue Windows-based software, or if the developers are infected with malicious files runnable on Android platforms."
Subscribe and get the
top tech news of the day
Delivered to your mailbox
All Comments (0)+^ Back to Top
Refrain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks, name calling or inciting hatred against any community. Help us delete comments that do not follow these guidelines by marking them offensive. Let's work together to keep the conversation civil.
HIDE