The Android OS is widely used on smartphones despite the criticism that the OS is prone to numerous vulnerabilities that can harm the privacy of users. Lately, we came across malware such as Gooligan and HummingBad those affected millions of Google accounts and Android devices.
The latest one is a Windows-based malware, which has been discovered by researchers. It has been found that this malware has affected a whopping 132 apps on the Play Store. This Windows-based malware has been discovered by Palo Alto Networks, a security firm.
Notably, these Android apps were infected with tiny and hidden iframes. For the uninitiated, an iframe is an HTML document that is embedded in another HTML document on a website. Usually, iframes are used to insert content such as ads from another source into webpages. The security firm details the discovery of the Windows-based malware. It was found that the developers of these apps are not the ones to be blamed for the malware. Going by the firm, the development platform used to create these apps were infected with the Windows-based malware.
Android users need not be worried as the malware has been reported to Google Security Team. Also, all the infected apps have been removed from the Play Store. The Android apps those were infected were mostly about DIY phone cases, home interior designing, making crochet blankets, knitting pattern cases, etc. Most of these apps dealt with learning and offering information. The common thing with these apps is the usage of Android WebView in order to display static HTML pages.
On further investigation, it was discovered that the actual HTML code hidden in the iframes were linked to malicious domains. Also, most of these Android apps were traced to a common location though the developers were not related to each other. And, most of these infected apps were shown to be originated from Indonesia. One of the infected pages is said to have tried to download and install a malicious windows.exe file. As the platform is Android, this malware wasn't executed.