Android malware steals data, records audio via PC microphone

Rick

Staff

Two newly-discovered Android apps found on Google Play were designed to spy on their users, claim security experts at Kaspersky. The apps, SuperClean and DroidCleaner, posed as innocuous Android clean-up utilities; however, each app could quietly copy photos, contacts and other information to a remote server. 

If that weren't enough though, security analysts also found that malware authors were grabbing microphone recordings from Windows PCs paired with infected Android devices. What the authors intended to do with the snagged recordings is a mystery, but the effort remains unsettling nonetheless.

To record and steal audio from a microphone on a Windows PC, unscrupulous app writers had to first devise a method for infecting Windows PCs from Android. The programmers chose to exploit Windows' AutoRun feature, designing their apps to quietly plant a malicious Windows executable and AutoRun config file onto any SD card inserted into the infected Android device. When the device was connected to any AutoRun-enabled Windows PC, Windows would automatically run the malicious code, allowing the virus unfettered access to the user's computer.

AutoRun has long been an easily exploitable attack vector for Windows machines -- particularly in office, enterprise and educational settings where users frequently swap PCs and flash drives. This security realization prompted Microsoft to disable AutoRun entirely on PCs running Windows XP, Vista and 7 via a security fix eventually pushed out through Windows Update. With approximately 10 percent of Windows users opting out of Automatic Updates though, a large swath of users is likely to be at risk for such attacks.

Some of the malware's capabilities are highlighted here:

  • Sending SMS messages
  • Enabling Wi-Fi
  • Gathering information about the device
  • Opening arbitrary links in a browser
  • Uploading the SD card’s entire contents
  • Uploading an arbitrary file (or folder) to the master’s server
  • Uploading all SMS messages
  • Deleting all SMS messages
  • Uploading all the contacts/photos/coordinates from the device to the master

"This is the first time we have seen such an extensive feature set in one mobile application," noted Kaspersky Labs expert Victor Chebyshev.

The malicious apps have since been removed from the Google Play market.


 
Correct me if I am wrong, but don't the developers have to register some form of DBA or personal information when an App is submitted to Android for consideration on the Google market? If so it seems Google needs to go after the creators of the malware. Mobile devices are more and more integrated into our fast-paced lives. Even more so than the personal computer. These types of Apps are going to cause a lot of ppl problems and Google will be at the heart of the problem. Perhaps they need better screening practices for their own apps.
 
I completely agree. It's Google's fault for not looking into the apps that they are letting their customers purchase and download. I'm pretty sure Google has the source code and they have to look at it before anything, and if they do, THEN WTF GOOGLE.
 