The applications, named SuperClean and DroidClean, did not stop there. Researchers also found that the malware was able to AutoRun on Windows PC devices when the phones were paired, and infect the main computer. The malware was designed to record audio through the computer’s microphone.
AutoRun has often been used as a method of infection, and Microsoft has since sent a security fix out to Windows XP/Vista/7 in order to disable the exploitable element. In some cases, however, the feature might have been re-enabled by the user for convenience or never changed through a backlog of updates.
An application such as this has not been seen in the past, and is showing the creative methods through which malware coders are attempting to break through a computer’s security. With the Android device acting as a Trojan horse for the infection, malicious code has the potential of bypassing established security parameters that typically keep endpoint users safe within their network.
While Webroot has already classified the apps, and they have been removed from the Google Play application market, it goes to show that protective steps are necessary on all levels of devices to avoid an infection. Below, we will highlight the steps you can take to help stay protected from attacks like these.
- Ensure latest version of Webroot SecureAnywhere is downloaded from official Android app stores.
- Ensure USB shield is enabled[list]
- Steps: Open Webroot > Select PC Security Tab > Select Shields > Slide USB Shield to on (green)
- Advanced users: Ensure USB Shield is Enabled[list]
- Steps: Open Webroot > Select PC Security Tab > Select Scan > Select Change Scan Settings > Select Heuristics > Select USB > Select desired protection settings
Source: SecureList - http://www.securelist.com/en/blog/805/Mobile_attacks