Monday, February 4, 2013

New Android malware spreading to PCs | SciTech | GMA News Online | The Go-To Site for Filipinos Everywhere

 

Lesson: On any platform, be careful what you download.

But this report suggests the app is/was available on the official Google Play marketplace.  So maybe the lesson should include letting other folks be the guinea pig for unvetted apps.  

--S.

New Android malware spreading to PCs

A new nasty malware has been discovered making the rounds of the Internet, infecting mobile devices running Google’s Android operating system but whose real targets are PCs running Microsoft’s Windows.

Kaspersky Labs said the malware can take over the Windows PC’s mic to record audio around the infected computer – and do many other spying tasks.

“Thus, a typical attack victim is the owner of an inexpensive Android smartphone who connects his or her smartphone to a PC from time to time, for example, to change the music files on the device. Judging by the sales statistics for Android smartphones, I would say that such people are quite numerous,” it said in a blog post.

It added the approach used by the author of these applications appeared “very well thought out,” noting the app includes a vast range of features such as:

  • Sending SMS messages
  • Enabling Wi-Fi
  • Gathering information about the device
  • Opening arbitrary links in a browser
  • Uploading the SD card’s entire contents
  • Uploading an arbitrary file (or folder) to the master’s server
  • Uploading all SMS messages
  • Deleting all SMS messages
  • Uploading all the contacts/photos/coordinates from the device to the master

“This is the first time we have seen such an extensive feature set in one mobile application,” Kaspersky said.

It added those most likely vulnerable are owners of cheaper Android smartphones who look for ways to speed up their devices by freeing up memory.

Kaspersky said it chanced on the malware last Jan. 22 on Google Play, the marketplace for Android apps.

It said its investigation showed that once the malware is on the Windows PC and once the microphone detects sound, “the application immediately begins to write audio data to a file using BeginRecording.”

The program then encrypts files and sends them to the controller.

New approach

Kaspersky said the approach used by the author of the new malware is a “completely new attack vector,” by using a smartphone and then waiting for the smartphone to connect to a PC.

It also said that while Windows has updated its OS to prevent Autorun from running, there are some users who have not updated their Windows machines and are thus vulnerable.

“It is those users who use outdated OS versions that are targeted by this attack vector,” it said. — TJD, GMA News

No comments:

Post a Comment