![]() ![]() ![]() ![]() Android devices were not the target of these infections Palo Alto Networks researchers, who discovered the infected apps, say this EXE file can modify the network hosts file, change windows firewall settings, inject code into another process, and copy itself. Obviously, this file wouldn't be able to do any harm on an Android phone because Android can't execute EXE files. In one isolated case, besides the iframe, the HTML source code also contained a VBScript that attempted to drop a Base64 encoded Windows executable on the user's phone. One app tried to drop an EXE file on Android devices ![]() In fact, CERT Poland had sinkholed two of the domains in 2013, after a series of high-profile attacks. All the remote servers were down when researchers came across the infected apps, but servers were known hotspots for malicious activity, being involved in many Windows malware distribution campaigns. This iframe attempted to connect to remote servers and download another payload. Security researchers have found traces of Windows malware inside 132 Android apps hosted on the official Google Play Store.Īccording to security experts, all 132 apps contained a tiny iframe inside the source code of HTML pages showed at some point or another to their users. Some of the apps infected with hidden iframes (via Palo Alto Networks) ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |