reader feedback 39
last year, researchers found 132 Android apps in the Google Play market that lamely tried to contaminate users with… home windows malware. On Wednesday, researchers with a unique security enterprise suggested finding a hundred and fifty greater.
The newest batch of apps, like the ones twelve months in the past, have been spawned from a lot of different developers. The usual thread among all the apps: their code was written on programming platforms contaminated with malware referred to as Ramnit. youngsters the Ramnit botnet of three.2 million computers turned into dismantled in 2015, infections on local machines live on.
The malware provides malicious iframes to each HTML file saved on an contaminated laptop. those iframes then got appended to files that had been protected within the Android apps. Researchers at safety enterprise Zscaler mentioned essentially all of the one hundred fifty contaminated apps had been detected the use of general antivirus engines.
the two domains within the iframes were neutralized years in the past via a manner called sinkholing. And however the domains had been energetic, they’d were unable to infect an Android equipment. nonetheless, Google’s lack of ability to detect surely contaminated apps on at the least two events over 12 months is an issue.
“This fashion of cross-platform an infection propagation should still be concerning for Android clients as the malware creator can without problems serve platform-certain malicious content in response to the machine making the connection to the attacker managed URLs from such infected apps,” Zscaler researcher Deepen Desai told Ars. Google removed the apps after being notified of them.
Zscaler has an inventory of all a hundred and fifty contaminated apps right here.