Kaspersky warns phone users of PC-infecting malware

Feb 05, 2013 by Nancy Owano report
Credit: Kaspersky Lab

(Phys.org)—Kaspersky Lab has a new warning for smartphone and tablet users. Yes, it's all about Android. No, it's not like anything you've been warned about before. Lab Expert Victor Chebyshev has discovered a new attack vector in the form of nasty apps (DroidCleaner and Superclean) posing as system cleaners for freeing up memory, and boosting performance by cleaning out old data. The apps are malware. The Superclean and DroidCleaner are the apps that transfer malware. Instead of just infecting the phone they are designed to move across, infecting both the smartphone and PC.

The malware capabilities include stealing data from the victim's and PC as well as eavesdropping on conversations. Kaspersky Lab said the malware was the most extensive feature set it had seen in one .

After plugging an Android device into a , the action starts. The H ran a discussion of how the malware operates: "The app moves on to quietly download three files and save them as "autorun.inf", "folder.ico" and "svchosts.exe" in the root directory of the SD card. Now the phone is ready to infect any PC that it is plugged into when in USB drive emulation mode – if, of course, it still autoruns removable media, and will trigger the running of "svchosts.exe".

The Android version of the bot includes the following features: sending SMS messages; uploading SMS messages; deleting SMS messages; enabling Wi-Fi; opening arbitrary links in a browser; uploading the 's contents; uploading an arbitrary file (or folder) to the master's server; uploading contacts/photos/coordinates from device to master.

The good news for all this is that current versions of Windows pose no such risk. The attack did depend on the AutoRun feature being enabled in Windows for external drives. The current versions have AutoRun disabled. The attack is only possible against users running older unpatched versions of the OS.

Still, news of the discovery by Kaspersky Lab that the apps were on Google Play, where they are no longer, seemed to have an unsettling effect on most technology sites that carried the news. Though the cleaner-masquerading apps no longer reside in Google Play, the idea that they were sitting there for any length of time was reminder enough that mobile phone users need to think twice about what they download and install.

Explore further: Android gains in US, basic phones almost extinct

More information: www.securelist.com/en/blog/805/Mobile_attacks

Related Stories

Google puts malware scanner in Google Play pipeline

Oct 16, 2012

(Phys.org)—A new version of the Google Play app store will enable scanning users' smartphones for malware, according to Android Police. The site's report, headlined "A Built-In Malware Scanner," said, ...

Recommended for you

Android gains in US, basic phones almost extinct

Apr 18, 2014

The Google Android platform grabbed the majority of mobile phones in the US market in early 2014, as consumers all but abandoned non-smartphone handsets, a survey showed Friday.

Hackathon team's GoogolPlex gives Siri extra powers

Apr 17, 2014

(Phys.org) —Four freshmen at the University of Pennsylvania have taken Apple's personal assistant Siri to behave as a graduate-level executive assistant which, when asked, is capable of adjusting the temperature ...

Microsoft CEO is driving data-culture mindset

Apr 16, 2014

(Phys.org) —Microsoft's future strategy: is all about leveraging data, from different sources, coming together using one cohesive Microsoft architecture. Microsoft CEO Satya Nadella on Tuesday, both in ...

User comments : 1

Adjust slider to filter visible comments by rank

Display comments: newest first

frajo
5 / 5 (1) Feb 05, 2013
The good news for all this is that current versions of Windows pose no such risk.

The good news for all is that former and current versions of Linux and eCS never posed such risk.

More news stories

Hackers of Oman news agency target Bouteflika

Hackers on Sunday targeted the website of Oman's official news agency, singling out and mocking Algeria's newly re-elected president Abdelaziz Bouteflika as a handicapped "dictator".

Making graphene in your kitchen

Graphene has been touted as a wonder material—the world's thinnest substance, but super-strong. Now scientists say it is so easy to make you could produce some in your kitchen.

Low tolerance for pain? The reason may be in your genes

Researchers may have identified key genes linked to why some people have a higher tolerance for pain than others, according to a study released today that will be presented at the American Academy of Neurology's 66th Annual ...

How to keep your fitness goals on track

(HealthDay)—The New Year's resolutions many made to get fit have stalled by now. And one expert thinks that's because many people set their goals too high.