Kaspersky experts have identified a piece of computer malware that’s distributed as an Android app.
The app in question, discovered on Google Play on January 22, mimics a legitimate “cleaner” application.
Once installed and executed, the malicious app lists the running processes and restarts them, after which it downloads a number of three files – autorun.inf, folder.ico and svchosts.exe – to the SD card.
When the smartphone is connected to a computer, the svchost.exe file (Backdoor.MSIL.Ssucl.a) is executed.
This particular piece of malware is not sophisticated, but it’s capable of taking control of the microphone to record the victim. All the recordings are encrypted and sent back to the attacker.
In addition, the piece of malware that remains on the phone is capable of some nasty things such as sending SMS messages, enabling Wi-Fi, uploading files, opening links, deleting SMSs, uploading SMSs and much more.