Odd Android Malware Attacks Windows PCs, Triggers Your Microphone

Paul Lilly

Security firm discovers a pair of malicious apps in Google Play that try to exploit Windows' AutoRun feature.

Do you talk to your PC? If so, be careful what secrets you share with your system, you never know who might be listening. We're not being paranoid here, Security firm Kaspersky has discovered a pair of malicious programs in Google Play that are designed to infect PCs, where it then gets busy tapping into the audio system so that it can record the victim. The sound files are then sent to the malware's author. What's the point?

We're not entirely sure. Obviously something like this could be a big deal in certain situations, but outside of government agencies where top secret conversations take place, it's hard to see what the malware author's end game might be. Perhaps it's a proof of concept for something more sinister down the line.

In any event, it's interesting not just because it's odd, but also because it attacks Windows PC through mobile devices.

"We have come across PC malware that infects mobile devices before. However, in this case it's the other way around; an app that runs on a mobile device (a smartphone) is designed to infect PCs," Kasperskyk says .

The malware Kaspersky discovered was buried inside a pair of legitimate looking programs called Superclean and DroidCleaner, both of which act like they're cleaning up your Android phone. A closer look at the code, however, reveals some sinister activity when the user attaches their Android device to their PC.

For the attack to work, the AutoRun feature for external devices would need to be enabled, so not everyone is at risk here. However, anyone with an outdated OS is likely at risk.

"A typical attack victim is the owner of an inexpensive Android smartphone who connects his or her smartphone to a PC from time to time, for example, to change the music files on the device. Judging by the sales statistics for Android smartphones, I would say that such people are quite numerous. For the attack to be more successful, it only lacks a broader distribution scheme," Kaspersky says.

Follow Paul on Google+ , Twitter , and Facebook

Around the web

by CPMStar (Sponsored) Free to play