Android malware with ability to install Backdoor on Computers

Kaspersky Lab has revealed a new type of malware that can infect your computer when connected smartphone or tablet. Two such application, Super Clean and DroidCleaner found in Google Play android market. These two are actually same application, just released with two different names.

These applications apparently disguised as a tool to clean memory for the Android operating system but after installing and running it displays a list of all running some processes and then restart the device. Later, in background, the app downloads three files autorun.inf, folder.ico, and svchosts.exe in phone.

When user connect infected android mobile phone to any Windows computer with active Autorun or Autoplay functionality for USB devices, the svchosts.exe file (Backdoor.MSIL.Ssucl.a) is automatically executed on computer. A similar situation may arise in case of SD card.

Before apps were removed by Google, they may together have been downloaded up to 6000 times. Malicious code then starts capturing the sound instantly from systems microphone and all recorded data is sent to remote servers after encrypting files.

Other than this, the malware is capable of Sending SMS messages, Enabling Wi-Fi, Gathering information about the device, Opening arbitrary links in a browser, Uploading the SD card’s entire contents, Uploading an arbitrary file to the master’s server, Uploading all SMS messages, Deleting all SMS messages, Uploading all the contacts/photos/coordinates from the device to the master.

The attacks are becoming more sophisticated and users, especially those with low knowledge of technology come easily to the hook of cyber criminals.