Malware Served on Google Play Jumps from the Smartphone to the PC

Kaspersky experts have analyzed this particular backdoor

By on February 1st, 2013 22:11 GMT

Kaspersky experts have identified a piece of computer malware that’s distributed as an Android app.

The app in question, discovered on Google Play on January 22, mimics a legitimate “cleaner” application.

Once installed and executed, the malicious app lists the running processes and restarts them, after which it downloads a number of three files – autorun.inf, folder.ico and svchosts.exe – to the SD card.

When the smartphone is connected to a computer, the svchost.exe file (Backdoor.MSIL.Ssucl.a) is executed.

This particular piece of malware is not sophisticated, but it’s capable of taking control of the microphone to record the victim. All the recordings are encrypted and sent back to the attacker.

In addition, the piece of malware that remains on the phone is capable of some nasty things such as sending SMS messages, enabling Wi-Fi, uploading files, opening links, deleting SMSs, uploading SMSs and much more.

Comments

Malware served on Google Play infects PCs
   Malware served on Google Play infects PCs