Security Advisor

New Android Malware Aims To Infect PCs

A first of its kind, this mobile virus records your every sound through your PC.

Kaspersky security experts are shedding some light on an Android malware that was designed to bring havoc to your PC.

Here's how it works: You download an application on the Google Play store that is not on the up and up (Kaspersky said this particular malware has found a home hidden in a bogus system cleaning app called DroidCleaner). The malware, while not initially causing any harm to your mobile device (that comes later), lays in wait for you to connect it to your PC through the USB emulation mode, which allows your PC to view the device as an external storage device. If AutoRun is enabled on your Windows machine, the malware installs its claws into your system. The good news is that if you have the your Windows updated, AutoRun is disabled by default.

And once it's in your PC, the virus goes to work by activating your PCs microphone, recording everything that is said in the proximity of the machine and then sending it back to the malware creator.

"Generally speaking, saving autorun.inf and a PE file to a flash drive is one of the most unsophisticated ways of distributing malware," said Kaspersky's Victor Chebyshev, in a blog post. "At the same time, doing this using a smartphone and then waiting for the smartphone to connect to a PC is a completely new attack vector. In the current versions of Microsoft Windows, the AutoRun feature is disabled by default for external drives; however, not all users have migrated to modern operating systems. It is those users who use outdated OS versions that are targeted by this attack vector."

Kaspersky said that this is the first malware of its kind to target your PC in this fashion.

As someone who is not part of the criminal fraternity, the malware's execution confuses me a bit. Sure, if malware distributers want to record me laughing at stupid Reddit links or cursing at my screen after an untimely death in Counter Strike, be my guest. But I don't remember the last time I verbally recited any of my private financial information in front of the screen. And if someone was to let something slip in front of their PC that they didn't want known by an outside source, how many hours would the malware distributer have to listen to before stumbling upon anything that could be beneficial to them (share your best hypothesizes below)?

Speaking on who is being targeted, Chebyshev said "...a typical attack victim is the owner of an inexpensive Android smartphone who connects his or her smartphone to a PC from time to time, for example, to change the music files on the device. Judging by the sales statistics for Android smartphones, I would say that such people are quite numerous. For the attack to be more successful, it only lacks a broader distribution scheme."

Not wanting to miss an opportunity to cause as much harm as possible, that infected smartphone or tablet isn't just a carrier; the malware also has the ability to enable WiFi on your device, send out SMS messages, uploading your memory card info, deleting your contacts and open harmful links in the device's Web browser.

 

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

comments powered by Disqus
Upcoming Events

Redmond Tech Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.