by Armando Orozco
Recently, two applications designed with malicious intent were discovered within the Google Play application store. The apps were built with a façade of being utility cleaners designed to help optimize Android-powered phones, but in reality, both apps had code built in designed to copy private files, including photos, and submit them to remote servers.
The applications, named SuperClean and DroidClean, did not stop there. Researchers also found that the malware was able to AutoRun on Windows PC devices when the phones were paired, and infect the main computer. The malware was designed to record audio through the computer’s microphone.
AutoRun has often been used as a method of infection, and Microsoft has since sent a security fix out to Windows XP/Vista/7 in order to disable the exploitable element. In some cases, however, the feature might have been re-enabled by the user for convenience or never changed through a backlog of updates.
An application such as this has not been seen in the past, and is showing the creative methods through which malware coders are attempting to break through a computer’s security. With the Android device acting as a Trojan horse for the infection, malicious code has the potential of bypassing established security parameters that typically keep endpoint users safe within their network.
While Webroot has classified the malicious apps, which have been removed from Google Play’s market, it goes to show that protective steps are necessary on all levels of devices to avoid an infection. Below, we will highlight the steps you can take to help stay protected from attacks like these.
- Ensure the latest version of Webroot SecureAnywhere Mobile is installed from the official Google Play Android app store.
Webroot SecureAnywhere (PC users):
- Ensure USB shield is enabled (on by default)
- Steps: Open Webroot > Select PC Security Tab > Select Shields > Slide USB Shield to on (green)
- Advanced users can modify USB heuristic settings:
- Steps: Open Webroot > Select PC Security Tab > Select Scan > Select Change Scan Settings > Select Heuristics > Select USB > Select desired protection settings
For all users, we recommend ensuring that AutoRun is disabled on your computer. Even though Microsoft rolled out updates to disable, it is possible it could be enabled. Finally, always ensure you scan USB and other connected devices for malware before storing data or using on other PCs.
For more information and to keep up with the conversation, head to our community: http://bit.ly/11RKiFa
Source: SecureList http://www.securelist.com/en/blog/805/Mobile_attacks