Thursday, December 18, 2014
Search
  
Friday, January 24, 2014
 Windows Malware Infects Android Devices
You are sending an email that contains the article
and a private message for your recipient(s).
Your Name:
Your e-mail: * Required!
Recipient (e-mail): *
Subject: *
Introductory Message:
HTML/Text
(Photo: Yes/No)
(At the moment, only Text is allowed...)
 
Message Text: Researchers from Symantec found a Windows Trojan program that can install online banking malware on Android devices connected to infected PCs.

Until now, there was reported Android malware that attempted to infect Windows systems. But recently Symantec researcher Flora Liu came across something that works the other way round: a Windows threat that attempts to infect Android devices.

The infection starts with a Trojan named Trojan.Droidpak. It drops a malicious DLL (also detected as Trojan.Droidpak) and registers it as a system service. This DLL then downloads a configuration file from a remote server. It then parses the configuration file in order to download a malicious APK to the compromised computer. The DLL may also download necessary tools such as Android Debug Bridge (ADB).

Next, it installs ADB and uses a command shown to install the malicious APK to any Android devices connected to the compromised computer. Liu says that installation is attempted repeatedly in order to ensure a mobile device is infected when connected. Successful installation also requires the USB debugging Mode is enabled on the Android device.

USB debugging is a setting normally used by Android developers, but it's also required for some operations that are not directly related to development, like rooting the OS, taking screen captures on devices running old Android versions or installing custom Android firmware.

However, the malicious APK actually looks for certain Korean online banking applications on the compromised device and, if found, prompts users to delete them and install malicious versions. The malware also intercepts SMS messages on the compromised device and sends them to a remote server.

Liu advised users to turn off the USB debugging feature on their Android devices when not it's not needed and to be wary of connecting their mobile devices to computers they don't trust.


 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2014 - All rights reserved -
Privacy policy - Contact Us .