A new Android malware has been discovered that is capable of transferring its self from Android devices to connected PC systems, called DroidCleaner.
Even though Google has implemented a number of scnas to prevent malware making its way on to the Google Play store the odd malicious application does slip past.
Kaspersky Lab Expert Victor Chebyshev has published a detailed report about the discovery process and the threat presented by the DroidCleaner app. Which is capable of installing a Trojan Horse onto your PC when your phone is connected to it via USB. It is then able to use your PC microphone to listen to your conversations, encrypt the files and send them back to the master’s server.
“Generally speaking, saving autorun.inf and a PE file to a flash drive is one of the most unsophisticated ways of distributing malware. At the same time, doing this using a smartphone and then waiting for the smartphone to connect to a PC is a completely new attack vector. In the current versions of Microsoft Windows, the AutoRun feature is disabled by default for external drives; however, not all users have migrated to modern operating systems. It is those users who use outdated OS versions that are targeted by this attack vector.
Thus, a typical attack victim is the owner of an inexpensive Android smartphone who connects his or her smartphone to a PC from time to time, for example, to change the music files on the device. Judging by the sales statistics for Android smartphones, I would say that such people are quite numerous. For the attack to be more successful, it only lacks a broader distribution scheme.”
As well being able to record conversations the Android malware is also able to do the following:
- Sending SMS messages
- Enabling Wi-Fi
- Gathering information about the device
- Opening arbitrary links in a browser
- Uploading the SD card’s entire contents
- Uploading an arbitrary file (or folder) to the master’s server
- Uploading all SMS messages
- Deleting all SMS messages
- Uploading all the contacts/photos/coordinates from the device to the master