It was only a matter of time before malware makers tried to infect a mobile Android device via a Windows machine. With the enormous number of Android devices hitting the market, and Windows still being the preferred choice for desktop/laptop users, the 'eye' of the malware maker has always been on the tantalising opportunity. It seems now, they finally have a breakthrough.
Security vendor Symantec has warned users against the Trojan.Droidpak, which enters Windows and tries to infect an Android device connected to the PC. "The infection starts with a Trojan named Trojan.Droidpak. It drops a malicious DLL (also detected as Trojan.Droidpak) and registers it as a system service. This DLL then downloads a configuration file from a remote server," Symantec's Flora Liu said in a blog post. The new malware works in the opposite direction as the Android malware Android.Claco that attempts to infect Windows systems via an Android machine.
The malware is a variant of Android.Fakebank.B and poses as a Google App Store application. The malicious APK looks for certain Korean online banking applications on the compromised device and prompts users to delete them and install malicious versions. "Android.Fakebank.B also intercepts SMS messages on the compromised device," Liu added.
Symantec has urged users to turn off USB debugging on the Android device when they are not using it to avoid falling prey to the new threat. There is also a need to exercise caution when connecting mobile device to untrustworthy computers.
Security vendor Symantec has warned users against the Trojan.Droidpak, which enters Windows and tries to infect an Android device connected to the PC. "The infection starts with a Trojan named Trojan.Droidpak. It drops a malicious DLL (also detected as Trojan.Droidpak) and registers it as a system service. This DLL then downloads a configuration file from a remote server," Symantec's Flora Liu said in a blog post. The new malware works in the opposite direction as the Android malware Android.Claco that attempts to infect Windows systems via an Android machine.
The malware is a variant of Android.Fakebank.B and poses as a Google App Store application. The malicious APK looks for certain Korean online banking applications on the compromised device and prompts users to delete them and install malicious versions. "Android.Fakebank.B also intercepts SMS messages on the compromised device," Liu added.
Symantec has urged users to turn off USB debugging on the Android device when they are not using it to avoid falling prey to the new threat. There is also a need to exercise caution when connecting mobile device to untrustworthy computers.
No comments:
Post a Comment