145 Google Play apps found to be hiding Windows malware

Android owners know that the Google Play Store is still the safest source of Android apps. But despite Google’s best efforts, rogue apps can sometimes still slip through its screening process.

As with almost every type of malware out there, everything is not what it seems. Take these newly discovered malicious Android apps, for example.

On the surface, they may look like your ordinary, run-of-the-mill smartphone apps but hidden within their core, they’re a threat to another system altogether.

145 apps compromised

Google recently removed 145 apps from the official Google Play app store because they were discovered to be harboring malicious files.

According to security researchers from Palo Alto Networks, the majority of the infected apps were released on Google Play between October 2017 and November 2017.

This means that the apps had been available in Google Play for more than six months. At the point of their removal, some of the infected apps had more than 1,000 installs and even 4-star ratings!

Included in the list of infected apps were tutorial apps for drawing, clothing design, and tutorials for home improvement and various hobbies. (Keep reading for a list of all the infected apps.)

Meant for Windows PCs

The most interesting part about this whole affair is that Android gadgets are actually safe from these infected apps. Yep, if you’ve downloaded and installed any of these Android apps, your phone or tablet is actually immune from the embedded malware.

However, if you’ve transferred the app to a Windows PC and unpacked it there, then your machine is vulnerable to attacks.

How could this be? Palo Alto researchers said that this indicates that the apps were developed on infected Windows machines. This means that the developers may not even know that malware was piggybacking on their apps.

The researchers also noted that not all the apps coming from the same developer are infected. This led them to believe that the developers used different computers for creating their apps.

Compromising developer computers is a growing concern among security firms.

“The development environment is a critical part of the software development life cycle. We should always try to secure it first. Otherwise, other security countermeasures could just be attempts in vain,” the researchers wrote in their blog.

Windows keylogger included

According to Palo Alto, the most prevalent type of malicious file that was present in all but three of the infected Android apps was a Windows keylogger.

If this program’s .exe file is launched, it will attempt to record all the keystrokes typed on your computer, including passwords, credit card numbers, security codes, usernames and Social Security numbers.

The malicious files are also camouflaged with fake names to avoid detection. If you spot names like “Android.exe”, “my music.exe”, “COPY_DOKKEP.exe”, “js.exe”, “gallery.exe”, “images.exe”, “msn.exe” and “css.exe” among an app’s unpacked files, delete them immediately.
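A check that a developer or build pipeline could run before publishing, added here as an example (it is not code from Palo Alto Networks or from this article): it scans an APK, which is a ZIP archive, for entries that carry a Windows PE header regardless of their file name, and also flags the file names listed above. The sample APK and its inert header stub are constructed for the demonstration.

```python
import io
import struct
import zipfile

# File names the article reports for the embedded Windows executables.
REPORTED_NAMES = {"android.exe", "my music.exe", "copy_dokkep.exe", "js.exe",
                  "gallery.exe", "images.exe", "msn.exe", "css.exe"}

def is_pe(data: bytes) -> bool:
    """True if data has a DOS 'MZ' header whose e_lfanew points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\0\0"

def scan_apk(apk):
    """Return (entry, reason) for each APK entry that looks like a Windows executable."""
    findings = []
    with zipfile.ZipFile(apk) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            with zf.open(info) as fh:
                head = fh.read(4096)  # assumes the PE signature sits in the first 4 KiB
            if is_pe(head):
                findings.append((info.filename, "PE header"))
            elif info.filename.rsplit("/", 1)[-1].lower() in REPORTED_NAMES:
                findings.append((info.filename, "reported file name"))
    return findings

def build_sample_apk():
    """Constructed sample: a ZIP laid out like an APK, holding an inert PE header stub."""
    stub = bytearray(0x80)
    stub[:2] = b"MZ"
    struct.pack_into("<I", stub, 0x3C, 0x40)  # e_lfanew -> offset 0x40
    stub[0x40:0x44] = b"PE\0\0"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("AndroidManifest.xml", b"<manifest/>")
        zf.writestr("classes.dex", b"dex\n035\0")
        zf.writestr("assets/css.exe", bytes(stub))         # name from the article's list
        zf.writestr("res/raw/cover.png", bytes(stub))      # renamed: caught by header only
        zf.writestr("assets/notes/js.exe", b"plain text")  # name match, no PE header
    buf.seek(0)
    return buf

if __name__ == "__main__":
    for entry, reason in scan_apk(build_sample_apk()):
        print(f"{entry}: {reason}")
```

Checking the header rather than the name matters because the file names are camouflage: a renamed executable still starts with the same `MZ` and `PE` markers.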

List of infected apps:

Although the apps have been removed from the Google Play app store, you may have installed them on your gadget and it is advised that you delete them as soon as you can.

For your protection, here’s a list of the apps:

| App Name | Package Name |
| --- | --- |
| Baby Room | com.KamarBaYi.odieapps |
| Motor Trail | com.MotorTraiL.odieapps |
| Tattoo Name | com.TatToNaMa.odieapps |
| Car garage | coml.GaRaSiMobiL.odieapps |
| Japanese Garden | com.TaMaNJapanG.odieapps |
| Koi fish | com.IkanKoI.odieapps |
| House Terrace | com.TeRaSRumaH.odieapps |
| Skirt Design | com.DesainRokK.odieapps |
| Yoga Meditation | com.MeditasiYoga.odieapps |
| Shoe rack | com.RaKSepatU.odieapps |
| Unique T-shirt | com.KaoSUniK.odieapps |
| Mens Shoes | com.SepatuPriA.odieapps |
| TV RuanG TaMu | com.TVRuanGTaMu.odieapps |
| Idea Glasses | com.IdeaKacamata.odieapps |
| Fashion Muslim | com.FashioNMusLiM.odieapps |
| Bracelet | com.GelangTut.odieapps |
| Clothing Drawing | com.BusanaMenggambar.odieapps |
| Minimalist Kitchen | com.DapuRMiniMaLis.odieapps |
| Nail Art | com.SeNiKuKu.odieapps |
| Ice cream stick | com.StikEzKriM.odieapps |
| Roof | com.AtapRumaH.odieapps |
| Children Clothes | com.BusanaAnaK.odieapps |
| Home Ceiling | com.PlaFoNRumaH.odieapps |
| PoLa BaJu | com.PoLaBaJU.odieapps |
| Living room | com.RuanGTaMu.odieapps |
| Bookshelf | com.RakBuKu.odieapps |
| Knitted Baby | com.RajutanBayI.odieapps |
| Hair Paint | com.CaTRambuT.odieapps |
| Wall Decoration | com.DekoraSiDinding.odieapps |
| Painting Mahendi | com.MelukisMehndi.odieapps |
| Bodybuilder | com.Binaragawan.odieapps |
| Couple shirts | com.KaosCouple.odieapps |
| Unique Graffiti | com.GrafitiUniK.odieapps |
| Paper flower | com.BungaKerTas.odieapps |
| Night gown | com.BaJuTiDuR.odieapps |
| Wardrobe Ideas | com.IdeLeMaRi.odieapps |
| Dining table | com.MejaMakaN.odieapps |
| Gymnastics | com.LatiHaNSeNaM.odieapps |
| Use Child | com.PakaiAnAnak.odieapps |
| Window Design | com.DesainJenDeLa.odieapps |
| Hijab StyLe | com.HijabStyLe.odieapps |
| Wing Chun | com.TeknikWingChuni.xsadroid |
| Fencing Technique | com.TeknikAnggar.xsadroid |

Tap or click here to read Palo Alto Networks’ report.



Article Prepared by Ollala Corp
