Android Apps Carrying Windows Malware Yanked From Google Play

Discussion in '0-day Release' started by silversurfer, Aug 1, 2018.

  1. silversurfer

    silversurfer Malware Tester Silver Member

    Google recently removed 145 applications from Google Play after they were found to carry malicious Windows executables inside, Palo Alto Networks reveals.

    Most of the infected applications, Palo Alto's researchers say, were uploaded to the application store between October and November 2017 and remained there for over half a year. Google removed all of them after being alerted on the issue.

    While not representing a threat to the Android users who downloaded and installed them, the malicious code within these APKs is proof of the dangers posed by supply chain attacks: the software developers built these applications on compromised Windows systems.

    Some of the infected Android applications had over 1000 downloads and 4-star ratings before being removed from Google Play.

    The security researchers discovered that some of the infected APKs contained multiple malicious PE files at different locations, with different names. However, two malicious files were found embedded in most applications.

    Full Article:
    RGiskardR likes this.
  2. Google Adsense

Share This Page