More than 150 applications from the Google Play catalog are distributors of the Windows worm Ramnit. This is reported by Ars Technica with reference to the research of the antivirus company ZScaler. The worm does not harm Android-based devices, but it can be used to attack desktop computers.
Ramnit is contained in applications from different developers, which, as a rule, differ in their purpose. At the time of publication, all software called ZScaler dangerous was removed from Google Play, but there is no guarantee that the worm will not be able to enter the directory again.
Ramnit reportedly infects all files with the extension .exe, .dll,. html and .htm. Typically, this happens when you connect the device to the computer. Once in a favorable environment for the worm is Windows, it starts collecting data, including logins and passwords, cookies and key files for online banking.
Subsequently, the worm launches a self-propagation mechanism that allows it to infect new devices by forming thus the whole network. The greatest danger of this type of malware is for organizations that have at their disposal an extensive database of dozens and hundreds of connected personal computers.
Discuss this and other news from the Android world in the official Telegram chat AndroidInsider.ru.