01-23-2014 10:54 AM
Malware capable of infecting Android handsets using Windows PCs and laptops has been uncovered targeting developers.
Security response manager at Symantec Alan Neville told V3 the malware is atypical as it uses a two-stage attack process to jump from Windows PCs to Android handsets.
"It starts with a Trojan that when executed creates a new service on a Windows machine," he said. "It then targets Android devices that connect on USB. It uses the Android debugging bridge to deliver the Fakebank Trojan."
Fakebank is a notorious Trojan designed to take victims' financial data. Neville explained: "It looks for a specific set of Korean banking applications. If these are found the Trojan asks the user to install an update. When this notification is clicked it actually downloads a malicious version of the app."
Neville added that the Trojan is particularly nasty as it also has remote SMS message-monitoring capabilities. He said the complex nature of the attack indicates that the campaign is designed to target developers.
"The attack uses a new method that is quite complex. Because it uses the Android Debug Bridge, a mode that requires the user to activate it before connecting it via USB, its reach is quite limited and it is only really a threat to people like developers," he said.