Google says 145 apps on its app store were loaded with malicious files designed to attack your computer.
The apps – some of which were downloaded hundreds of times – have now been removed from the Play Store, but could still lurk on the gadgets of unsuspecting users.
The malicious software, also known as malware, does not affect Android devices but could farm your private data if an infected gadget is plugged into a Windows PC.
Once inside a computer, the virus can track keystrokes, revealing credit card numbers, account passwords and even social security numbers.
Some of the infected apps include ‘Learn to Draw Clothing’, an app teaching people how to draw and design clothing; ‘Modification Trail’, an app showing images of trail bike modification ideas; ‘Gymnastics Training Tutorial’, an app letting people find ideas for gymnastic moves
Palo Alto Networks discovered the malicious apps and went on to notify Google of the flaw.
The apps are no longer available on the Play Store but had been readily downloaded since around October 2017.
They were designed to infect Windows PCs when users unwittingly plugged in their Android gadget to charge it or transfer files.
Not all the apps from the same developer had the same Windows files, prompting the researchers to postulate that the developers used different computers when creating the code of the apps.
It is believed that some of these computers were infested with malware, allowing the software to make its way in to the apps.
The report explains that there is one key file present throughout all the removed apps, a keylogger.
This could have been used by hackers to use the Windows devices to spy on users.

Some of the apps were downloaded hundreds of times and have now been removed from the Play Store. Users who have downloaded any of these files via the Android app onto a PC could be infected

Google just removed 145 apps from its app store because they contained malicious files designed to attack Windows PCs. The malicious software (malware) is ineffective to Android devices but could reveal the personal information of Microsoft device users
The report states: ‘On a Windows system, this keylogger attempts to log keystrokes, which can include sensitive information like credit card numbers, social security numbers, and passwords.
‘Besides, these files fake their names to make their appearance look legitimate.
‘Such names include ‘Android.exe,’ ‘my music.exe,’ ‘COPY_DOKKEP.exe,’ ‘js.exe,’ ‘gallery.exe,’ ‘images.exe,’ ‘msn.exe’ and ‘css.exe’.’
Users who have downloaded any of these files via the Android app onto a PC could be infected.
Some of the infected apps include ‘Learn to Draw Clothing’, an app teaching people how to draw and design clothing; ‘Modification Trail’, an app showing images of trail bike modification ideas; ‘Gymnastics Training Tutorial’, an app letting people find healthy ideas for gymnastic moves.