Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Threat Management, Threat Management, Threat Management, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Malicious Windows executable files hidden in Google Play Apps


Palo Alto Unit 42 researchers identified 145 Google Play apps infected with malicious Window's Executable Files.

Researchers noted the infected APK files do not pose any threat to Android devices as they can only run on Windows devices but said the files are a threat to the software supply chain and can ultimately be used to carry out widespread attacks similar to KeRanger, XcodeGhost and  NotPetya, according to the blog post.

“Most of the infected apps were released to Google Play between October 2017 and November 2017, which means these apps have been in Google Play for more than half a year,” researchers said in the report. “Among these infected apps, several have more than 1,000 installations and 4-star ratings.”

Malicious apps included “Learn to Draw Clothing,” “Modification Trail” and “Gymnastics Training Tutorial.”

 Researchers said they have already notified Google of the malicious apps. 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.