Categories: NewsSecurity

132 Android Apps are Embedded With Windows Malware

Cyber criminals have come up with yet another tactic that leaves security researchers puzzled. It appears windows malware code is showing up in Android applications all of a sudden. While that may sound rather strange, it appears several dozen Android apps are infected with malicious iFrames. All of these apps are currently listed in the Google Play Store, which makes this whole ordeal even more troublesome.

Android Apps Contain Windows Malware

Palo Alto Networks’ security researchers are quite baffled by this recent discovery. While it is not uncommon to find malware within Android applications on the Google Play Store, it is the first time windows malware is embedded into these apps. To be more precise, 132 applications have hidden iFrames embedded in the code which link to malicious domains in their local HTML pages. The goal of doing this is to ensure users download the malware hosted on those websites.

The bigger question is what the criminals hope to achieve by spreading Windows malware through Android applications. It is very likely the developers of these applications have become a victim of criminal activity themselves, rather than deliberately taking this approach. More specifically, the developers’ developer platforms may have been infected with this Windows malware, which then embeds itself within the framework.

Assuming that is the case, it goes to show mobile app developers can spread malware without even being aware of doing so. This allows criminals to infected millions of users with relative ease, as they don’t even have to develop malicious applications themselves. The fact these apps are also listed in the Google Play Store is quite disconcerting, as Google should weed out these problematic apps in the first place.

Related Post

One SophosLabs researcher feels there is a lot more to this story than meets the eye, though. Rowland Yu is convinced this is not a case where innocent developers were attacked by malware, he believes all of the uncovered apps are created by one and the same developer on purpose. Apparently, there is the name of “Nandarok” which keeps coming back throughout various stages of the research. It is possible other developers are involved in this deliberate scheme as well, although that has not been confirmed at this time.

Several dozen Android applications all trace back to the Nandarok developer name. It appears this developer is targeting users in a very specific manner. One of the most top downloaded apps created by this developer is called “Girls phone numbers”, which saw between 100,000 and 500,000 downloads. A rather unusual approach to spreading malware, but it seems to be rather effective. Thankfully, Windows malware can’t do any major harm to Android devices, at least for the time being.

Thankfully, Google has been alerted about these several dozen applications which pose a problem. The technology giant started to remove these applications one by one, although there is still a lot of work to be done. Security researchers will have to keep an eye on the Play Store to ensure no new Windows malware-laden applications will show up in the future. For now, it is advised Android users do not download any applications developed by Nandarok, as they are all at risk of containing malware.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

100% Bonus Offer from BlockDAG, INJ Dominates DeFi & ADA Price Stumbles

Whales Make a Splash After BlockDAG's 100% Bonus Offer Goes Live - INJ Ecosystem Boosts…

6 hours ago

Plus Wallet: Top Crypto Wallet for Massive Rewards

Plus Wallet—Where Effortless Crypto Management and Rewards Align Perfectly In the world of cryptocurrency management,…

7 hours ago

Aptos (APT) and Tron (TRX) Prices Slide, As Volume Soars For Rollblock Suggesting Parabolic Rally

As Aptos and Tron prices take a recent downturn, the spotlight shifts to Rollblock, whose…

15 hours ago

Altcoins to Watch in November: Binance Coin (BNB), Rollblock (RBLK), and Neiro (NEIRO)

As the crypto markets roll into their most bullish time of year, we present three…

15 hours ago

Analysts Forecast $1 for Cardano and Lunex Network As Dogwifhat Plunges To Former Lows

As the crypto market prepares for a major rally, experts believe that two top altcoins,…

15 hours ago

Retail Traders Panic Sell During ‘Fake Dip’; Whales Hold Tight to SOL, DTX, and SHIB for a Millionaire-Maker Bull Run

Solana (SOL): A Strong Ecosystem Despite Volatility Solana (SOL) has been all over the place…

15 hours ago