Skip to main content

Security firm identifies over 100 malware-infected Android apps, but don't panic

Mobile Malware
While many users are more aware of the threat of mobile malware today than in years past, and Google has made significant strides in protecting phones from those toxic apps, the risk never completely goes away. Vulnerabilities can present in the unlikeliest of ways, as this report from security firm Palo Alto Networks explains.

The company cites 132 apps on the Google Play Store that feature malware — though not the kind that could actually do any harm to your smartphone. The reason being, these apps attempt to install a Windows executable file, which Android devices do not support.

Related Videos

At first glance, it appears to be a completely ineffectual attempt at attacking users, until you consider the possibility that these apps were actually infected with malicious code unbeknownst to the developer. The malware exploits the apps’ use of Android WebView to link to dangerous HTML sites, that then attempt to install a file designed for Windows onto the device. Palo Alto goes into greater detail, identifying specific lines of code that act as the culprits, but the important point to note is that none of it could actually compromise your phone in any way.

On Windows, the malware would reportedly modify firewall settings, alter the network hosts file, and copy and inject itself into numerous other processes. The apps in question span seven different developers, and security analysts speculate it may have arrived on Android by way of a file-infecting virus. These viruses would in turn seek out and infect HTML files on the developers’ computers, and it’s not hard to imagine how they could then spread to software published on the Play Store. A common online development platform used to produce all of the affected apps may have been the origin.

Ultimately, Google would classify this as a “non-Android threat” — terminology for applications that are unable to harm a user’s device, but are potentially damaging to other platforms. After reporting its findings to Google, Palo Alto says all the offenders were removed from the Play Store.

While it’s not terribly comforting to know your device may have been a conduit for malware without ever realizing it, the work done by Google and security firms like Palo Alto does shed some light on the multitude of ways in which a virus can spread — and that will, in turn, make our devices safer.

Editors' Recommendations

When is my phone getting Android 14? Here’s everything we know
The Samsung Galaxy S23 Ultra next to the Google Pixel 7 Pro.

Google has released the second developer preview for Android 14, its upcoming smartphone software for Google Pixel devices. This should be the last developer preview before Android 14 moves on to the open beta stage of testing, then a planned public release later in 2023.

With Android 14, there are some priority changes in app behaviors and compatibility instead of just new features and other enhancements. There are also going to be improvements made to settings for privacy, security, and even system health. In short, Android 14 may not be packed with a ton of brand-spanking-new features, but it will refine and streamline what is already there.

Read more
Google Pixel Tablet: news, release date and price rumors, and more
The Google Pixel Table and the Speaker Dock.

After years of speculation, Google finally revealed the Pixel Tablet at its annual I/O conference in May 2022. Google was pretty vague at the reveal and has remained tight-lipped when it comes to giving official details about the upcoming tablet.

Luckily, there have been plenty of leaks and rumors about the Pixel Tablet that help paint a picture of what fans can expect when it finally launches later this year. Here's everything we know about the Google Pixel Tablet.
Google Pixel Tablet: design

Read more
A new Android 14 update is here — but you still shouldn’t download it
The Android 14 logo.

Google has released the second developer preview of Android 14, as the next major version of the operating system takes another step toward a full release. Like the first Android 14 developer preview, the clue as to who it’s for is in the name.

This early version is designed for developers to test new features and designs in their apps, and to explore how new tools in the software could help improve them. It’s not designed for everyday use by consumers -- that version will come later.

Read more