Categories: NewsSecurity

132 Android Apps are Embedded With Windows Malware

Cyber criminals have come up with yet another tactic that leaves security researchers puzzled. It appears windows malware code is showing up in Android applications all of a sudden. While that may sound rather strange, it appears several dozen Android apps are infected with malicious iFrames. All of these apps are currently listed in the Google Play Store, which makes this whole ordeal even more troublesome.

Android Apps Contain Windows Malware

Palo Alto Networks’ security researchers are quite baffled by this recent discovery. While it is not uncommon to find malware within Android applications on the Google Play Store, it is the first time windows malware is embedded into these apps. To be more precise, 132 applications have hidden iFrames embedded in the code which link to malicious domains in their local HTML pages. The goal of doing this is to ensure users download the malware hosted on those websites.

The bigger question is what the criminals hope to achieve by spreading Windows malware through Android applications. It is very likely the developers of these applications have become a victim of criminal activity themselves, rather than deliberately taking this approach. More specifically, the developers’ developer platforms may have been infected with this Windows malware, which then embeds itself within the framework.

Assuming that is the case, it goes to show mobile app developers can spread malware without even being aware of doing so. This allows criminals to infected millions of users with relative ease, as they don’t even have to develop malicious applications themselves. The fact these apps are also listed in the Google Play Store is quite disconcerting, as Google should weed out these problematic apps in the first place.

Related Post

One SophosLabs researcher feels there is a lot more to this story than meets the eye, though. Rowland Yu is convinced this is not a case where innocent developers were attacked by malware, he believes all of the uncovered apps are created by one and the same developer on purpose. Apparently, there is the name of “Nandarok” which keeps coming back throughout various stages of the research. It is possible other developers are involved in this deliberate scheme as well, although that has not been confirmed at this time.

Several dozen Android applications all trace back to the Nandarok developer name. It appears this developer is targeting users in a very specific manner. One of the most top downloaded apps created by this developer is called “Girls phone numbers”, which saw between 100,000 and 500,000 downloads. A rather unusual approach to spreading malware, but it seems to be rather effective. Thankfully, Windows malware can’t do any major harm to Android devices, at least for the time being.

Thankfully, Google has been alerted about these several dozen applications which pose a problem. The technology giant started to remove these applications one by one, although there is still a lot of work to be done. Security researchers will have to keep an eye on the Play Store to ensure no new Windows malware-laden applications will show up in the future. For now, it is advised Android users do not download any applications developed by Nandarok, as they are all at risk of containing malware.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

WIF Set to Overtake BONK? Lunex Soars with 100x Potential in Altcoin Season

As altcoin season heats up, all eyes are on the rising stars—especially Lunex, which is…

5 hours ago

Binance Coin Price Dips: BNB Holders Rush To Lunex Presale To Hedge Their Long Positions

While the broader market witnessed a notable upward movement, Binance Coin (BNB) experienced a decline…

5 hours ago

Crypto Stalwarts Forecasted 800% Growth in Innovative Projects: VeChain, Rollblock and Polkadot!

This blazing crypto bull run has investors looking for the next top altcoins set to…

5 hours ago

Dogecoin Price Set To Recreate 36,000% Rally From 2021 After Pennant Formation

The Dogecoin price is back in the limelight, captivating the crypto world with its recent…

5 hours ago

Is XRP About to Explode? How Trump’s Victory Is Affecting XRP Price Amidst JetBolt Growth

Ripple’s XRP showed a 68% price increase in the last 7 days following Trump's victory,…

5 hours ago

Ethereum Down While Bitcoin, Solana, and JetBolt Skyrocket In End November 2024

Ethereum stumbles as Bitcoin surges past $97K, Solana eyes new highs, and JetBolt’s presale shakes…

8 hours ago