CYBERSECURITY: Old Windows malware may have tampered with 132 Android apps.

Google has already removed the apps from its Play store. But what’s interesting is the developers behind the apps probably aren’t to blame for including the malicious code, Palo Alto Networks said in a Wednesday blog post.

Instead, the platforms the developers used to build these apps were probably infected with malware that looks for HTML pages and then injects the malicious coding, the company said.

Many of these tainted apps offered design ideas for things like cheesecakes, landscaping a garden, or laying out a patio. The most popular had more than 10,000 downloads.

When installed, the apps would display seemingly benign webpages. However, in reality, the pages shown contain a tiny hidden iframe that links to two suspicious domains.

The malware is so old that the suspect domains went defunct several years ago, so this is more a case of sloppy development work than an actual security risk.