ID: IRCNE2013021752
Date: 2013-02-09
According to "techworld", Kaspersky Lab has discovered the first ever Android malware app that appears to have been designed not to attack the host smartphone but any PCs it is subsequently connected to.
Any PC that connects to the phone while in USB emulation mode (which treats attached smartphone drives as external disks) and old enough not to disallow Windows Autorun, will end up being hit with Backdoor.MSIL.Ssucl.a.
Strangely, the primary purpose of the malware is to record any audio detected by the PC’s microphone, saving this to a file that is then uploaded to a server in an encrypted format.
The malware also takes complete control of the smartphone but that could be a secondary activity.
“Generally speaking, saving autorun.inf and a PE file to a flash drive is one of the most unsophisticated ways of distributing malware,” said a baffled Kaspersky Lab researcher, Victor Chebyshev.
“At the same time, doing this using a smartphone and then waiting for the smartphone to connect to a PC is a completely new attack vector.
Google has removed the two apps associated with the attack from Play but not before it was downloaded by several thousand users.
- 2