Android Trojan infects smartphone to launch attack on PC

Records audio files

Kaspersky Lab has discovered the first ever Android malware app that appears to have been designed not to attack the host smartphone but any PCs it is subsequently connected to.

Discovered on Google Play (yes, Play hosts malware despite Google's attempts to clean it up), targeting Russian-speakers disguised as a memory-killer utility, innocent downloaders will end up with three malware files on any SD card plugged into their smartphones.

Any PC that connects to the phone while in USB emulation mode (which treats attached smartphone drives as external disks) and old enough not to disallow Windows Autorun, will end up being hit with Backdoor.MSIL.Ssucl.a.

It's a novel route to attack a PC but why engineer malware to do it?

Strangely, the primary purpose of the malware is to record any audio detected by the PC's microphone, saving this to a file that is then uploaded to a server in an encrypted format.

The malware also takes complete control of the smartphone but that could be a secondary activity.

"Generally speaking, saving autorun.inf and a PE file to a flash drive is one of the most unsophisticated ways of distributing malware," said a baffled Kaspersky Lab researcher, Victor Chebyshev.

"At the same time, doing this using a smartphone and then waiting for the smartphone to connect to a PC is a completely new attack vector.

The dependence on Autorun strong suggested that the malware was deliberately looking for victims running versions of Windows prior to 7, a declining population in countries such as the UK and US but still remarkably in former Soviet republics.

Google has removed the two apps associated with the attack from Play but not before it was downloaded by several thousand users.

Tags: Personal Tech, Google, security, kaspersky lab

Lower costs help NZ pip Australia for F5 Networks support centre

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Security That Fits

Improve the effectiveness of your security or get unique network threat discovery and remediation

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.