Hackers and other malicious actors seeking illegal profit at the expense of tech users may be getting more creative, as suggested by the latest episode from the cybersecurity space that saw a group of researchers identify a set of Android apps infected by executable files for Microsoft’s Windows operating system. 145 such apps were discovered by Palo Alto Networks earlier this month, with the development prompting Google to remove them from the Play Store. Most of the malicious software was released in October and November of 2017 but the extent of the damage it might have caused is likely highly limited given how its ill-intended code doesn’t affect Android platforms.
The experts behind the discovery are speculating that the existence of the malicious code is likely a side effect of the developers behind the identified apps being unknowingly infected. A less plausible scenario is that the Windows executables, many of which were traditional keyloggers, were targeting security researchers and other actors who survey the Google Play Store given how that group of users is likely to download and unpack APK files on PCs. Such an attack vector still seems implausible as most researchers would likely take precautions against having their machines infected if they’re using them for the specific purpose of finding infected software, even if they’re not expecting the files in question to target their platform of choice. Most cybersecurity experts should at the very least be inspecting apps in a sandboxed environment, as evidenced by the new findings.
The possibility that the malicious apps weren’t infected on purpose is seemingly stronger by virtue of the fact that some of the developers behind them also had non-threatening software in their Google Play Store portfolios. In that scenario, some of their apps might have ended up shipping with malware and spyware because their development environments of choice were compromised. Infecting app suppliers is a common tactic for large-scale attack preparations, Palo Alto Networks warns. The problematic apps discovered by the firm spanned an array of categories, from gymnastics guides to drawing tools.