New Android malware infects your PC, listens to your conversations

February 4, 2013
42 590 4

android malware

Android has been growing in popularity at an exponential rate, taking over market share in most (if not all) major markets around the world.  Unfortunately, such incredible popularity has a downside as well, making Android one of the most targeted operating systems in 2012, with a malware growth of over 580%!

Android 4.2 includes some new malware protection features, and Google is continuously implementing changes to Play Store security, but sometimes something slips through the crack, and that is what happened with a new malicious app found on the Google Play Store called “DroidCleaner.”

In a blog post, Kaspersky Lab Expert Victor Chebyshev described in detail the discovery process and the threat presented after someone downloads and runs the DroidCleaner app. This particular app has a long list of “features,” most creative of which include the fact that the app downloads a Trojan Horse onto your PC when your phone is connected to it via USB, which can then use your PC microphone to listen to your conversations, encrypt the files and send them back to the master’s server.

If that wasn’t dangerous enough, here is a list of other “abilities” this particular malware boasts of:

  • Sending SMS messages
  • Enabling Wi-Fi
  • Gathering information about the device
  • Opening arbitrary links in a browser
  • Uploading the SD card’s entire contents
  • Uploading an arbitrary file (or folder) to the master’s server
  • Uploading all SMS messages
  • Deleting all SMS messages
  • Uploading all the contacts/photos/coordinates from the device to the master

We’ve always recommended downloading apps only from the Google Play Store since it is far safer than most other app sources. Now, we’ll have to further restrict that recommendation to downloading apps that have a high download count and are from trusty developers. We’ve seen an Eset report stating that the number of malicious apps for Android will grow even faster than last year and will also be more creative and I’m guessing that DroidCleaner is just the start.

 

Comments

  • Matt Rickard

    this is freaking nuts

  • JosĂ© Olivo

    Wow, I’m glad I ran across this I already shared it. Sad that this is happening to our loved little green Android…

  • Chris Johnson

    Considering the G+ app itself is malware. Unsure how many times i had to reset ‘instant upload’ to off on both my devices and the website, and how many times afterwards i had to physically cancel the downloads, up until i had to delete the g+ app entirely.
    This is really disturbing as the fact that g+ are denying there are _any_ flaws security or otherwise in g+, makes me wonder if this shitty “its not us, youre just stupid and dont know how to use it” attitude is extending into Android itself, and if therefore my own data is already compromised due to having a google made os.

    Google, you have about 5 months before my phone contract runs out to show me that your phone os is secure before i seriously consider breaking my own rule and going iphone. They might be locked down, but at least they havent got a showcase of fuckups in the form of social media websites.

  • fatyss

    i THINK this just a beginning