Save up to $1,100 on Galaxy S24 Ultra!
Amazon Black Friday is here
The Amazon Black Friday deals are here early, enjoy the best discounts of the year now.
00 days
00 hrs
00 mins

More than 100 Play Store apps tried to infect Android devices with Windows malware

By
11comments
Google News Follow
Follow us on Google News
Android Apps

In a curious case uncovered by security research firm Palo Alto Networks, 132 apps published on Google's Play Store were found to contain malware designed for Windows PCs. The apps, which were published by a total of seven developers and some of which had more than 10,000 downloads, all shared the common symptom of concealed iframe tags in their HTML code.

The iframes, which are most commonly used for embedding external elements, such as a YouTube video, in a webpage, tried loading elements from two well-known malicious Poland-based domains. What's even more curious is the fact that both of those domains were seized by Polish authorities all the way back in 2013. All of that led the researchers to the conclusion that the apps' developers had no bad intentions, but were most likely the victims of a hack themselves.

This was further corroborated by the fact that all seven of the developers were located in or near Indonesia, and many of the apps' names included the country's name, too. The hypothesis presented by the researchers is that the devs were infected from a common source with a malware that scans their hard disk for HTML files and injects them with malicious iframes. Thus, when uploading their apps to the Play Store, the included files were also infected.

Even if the malware included in the apps was Windows-specific and the domains it was supposed to be downloaded from were disabled a long time ago, this discovery is still somewhat problematic. Concealed iframes have been a well-known attack method for many years, and yet, Google's app screening process did nothing to flag these apps as potentially malicious. The Play Store has been known to contain malware in the past, too, leading to the question of whether current security procedures are enough, and whether Google even cares at all, seeing as it also systematically promotes useless adware on its storefront.

Recommended Stories

Loading Comments...

Popular stories

Time has come to say goodbye to T-Mobile app after 12 years
Time has come to say goodbye to T-Mobile app after 12 years
T-Mobile introduces welcome change for iPhone users
T-Mobile introduces welcome change for iPhone users
AT&T wants to shut down a network with only 52 users (UPDATE: AT&T responds)
AT&T wants to shut down a network with only 52 users (UPDATE: AT&T responds)
People are hearing voices coming from their iPhone
People are hearing voices coming from their iPhone
This better not be happening: YouTube Premium users are seeing ads
This better not be happening: YouTube Premium users are seeing ads
Best Buy is now selling the 512GB OnePlus 12 flagship at its killer Black Friday price
Best Buy is now selling the 512GB OnePlus 12 flagship at its killer Black Friday price

Latest News

Amazon slashes the 512GB Galaxy S24 Ultra by $350 for Black Friday, making it a can't-miss offer
Amazon slashes the 512GB Galaxy S24 Ultra by $350 for Black Friday, making it a can't-miss offer
Surprise Amazon Black Friday deal slashes more than $250 off the cheapest Pixel 9 model
Surprise Amazon Black Friday deal slashes more than $250 off the cheapest Pixel 9 model
Sizzling hot Black Friday 2024 deal makes Apple's 2022 iPad cheaper than ever before
Sizzling hot Black Friday 2024 deal makes Apple's 2022 iPad cheaper than ever before
Oppo Find X8 Series goes global with new Hasselblad camera system, ColorOS 15
Oppo Find X8 Series goes global with new Hasselblad camera system, ColorOS 15
T-Mobile proves its mettle against Verizon and AT&T by doing for customers what rivals were unable to
T-Mobile proves its mettle against Verizon and AT&T by doing for customers what rivals were unable to
Apple releases iPhone and iPad security updates you should install ASAP
Apple releases iPhone and iPad security updates you should install ASAP
FCC OKs Cingular\'s purchase of AT&T Wireless