Last year, researchers discovered 132 Android apps in the
Google Play market that
lamely attempted to infect users with... Windows malware. On Wednesday, researchers with a different security company reported finding 150 more.
The latest batch of apps, like the ones 12 months ago, were spawned from a variety of different developers. The common thread among all the apps: their code was written on programming platforms infected with malware known as Ramnit. Although the Ramnit botnet of 3.2 million computers was
dismantled in 2015, infections on local machines live on.
The malware adds malicious iframes to every HTML file stored on an infected computer. Those iframes then got appended to files that were included in the Android apps. Researchers at security firm Zscaler said almost all of the 150 infected apps were detected using common antivirus engines.
