Kaspersky Lab has revealed a new type of malware that can infect your computer when connected smartphone or tablet. Two such application, Super Clean and DroidCleaner found in Google Play android market. These two are actually same application, just released with two different names.
These applications apparently disguised as a tool to clean memory for
the Android operating system but after installing and running it
displays a list of all running some processes and then restart the
device. Later, in background, the app downloads three files autorun.inf,
folder.ico, and svchosts.exe in phone.
When user connect infected android mobile phone to any Windows computer
with active Autorun or Autoplay functionality for USB devices, the
svchosts.exe file (Backdoor.MSIL.Ssucl.a) is automatically executed on computer. A similar situation may arise in case of SD card.
Before apps were removed by Google, they may together have been
downloaded up to 6000 times. Malicious code then starts capturing the
sound instantly from systems microphone and all recorded data is sent to
remote servers after encrypting files.
Other than this, the malware is capable of Sending SMS messages,
Enabling Wi-Fi, Gathering information about the device, Opening
arbitrary links in a browser, Uploading the SD card’s entire contents,
Uploading an arbitrary file to the master’s server, Uploading all SMS
messages, Deleting all SMS messages, Uploading all the
contacts/photos/coordinates from the device to the master.
The attacks are becoming more sophisticated and users, especially those
with low knowledge of technology come easily to the hook of cyber
criminals.
No comments:
Post a Comment