The most common attack form used by the malware is a keylogger file that records keystroke logs which may enable hackers to understand a user’s password, credit/debit card numbers and other personal information.
Google has removed 145 applications from the Play Store after it found them to be infected with Microsoft Windows executable malware.
The malware reportedly does not affect Android systems. According to a Palo Alto Networks research, the APK files were infected that suggests the developers were creating the software on “compromised Windows systems”.
The most common attack form used by the malware is a keylogger file. This file records keystroke logs which may enable hackers to understand a user’s password, credit/debit card numbers and other personal information.
“Some of the infected apps include ‘Learn to Draw Clothing’, an app teaching people how to draw and design clothing; ‘Modification Trail’, an app showing images of trail bike modification ideas; ‘Gymnastics Training Tutorial’, an app letting people find healthy ideas for gymnastic moves,” the report said.
Most of these apps were added on Google Play between October 2017 and November 2017, which means that they were available to download for more than six months. Several of these apps were given a four star rating and were downloaded more than 1,000 times.
Certain developers had one affected app and one safe app, which shows a change in the use of systems to develop the app.
The analysis of these apps showed two “portable executable files” which were used by the system to determine how to treat the file. One PE file was present in 142 apps and the other was present in 21 apps.
