Will Verduzco · Jan 24, 2014 at 02:00 pm

New Windows Malware Infects Android Devices; Protect Yourself with Two Easy Steps

Cross-platform malware is nothing new. And to be more specific, cross-platform malware involving the Android OS isn’t new either. This should come as no surprise, as the pint-sized mobile OS packs nearly as much functionality and freedom as its full-sized brethren.

Some time ago, we saw the Android.Claco trojan. This particular piece of malware used a compromised mobile device to transfect your Windows-powered PC by functioning as a malicious USB drive. Upon connection via USB Mass Storage, Windows AutoRun would then automatically execute the malicious payload.

Up until recently, however, the only cross platform malware involving Android that we’ve seen in the wild has involved infected Android devices targeting desktop computers. Now, Symantec has spotted a new trojan targeting Android devices from infected Windows computers.

The new malware is known as Trojan.Droidpak, and it essentially works by using ADB to install a malicious APK (variant of the previous Android.Fakebank.B trojan) that poses as the Google Play Store (“Google App Store” in the screenshot). Then once run, the malicious APK searches for specific Korean online banking apps. If these apps are found, the malware prompts the user to delete the originals and install malicious versions. It also intercepts and reroutes SMS messages on compromised devices to a predetermined location, presumably to intercept fraud protection messages from said banking institutions.

While this specific piece of malware poses very little concrete threat to those outside of Korea who do not rely on the select banking institutions targeted by the trojan, it is entirely possible that similar attacks exist in other regions, targeting other demographics. This highlights the importance of always being cautious and disabling unnecessary services. Furthermore, users should always exercise caution when connecting their mobile devices to unknown computers.

You can learn more about the specifics by visiting the Symantec Malware Bulletin. But first, make sure you protect yourself by disabling unnecessary services such as USB Debugging and only connecting to trusted computers. Furthermore, do yourself a favor and enable verify apps.

Has Android malware been an issue for you in the past? We’ve seen some evidence suggesting that it largely isn’t an issue for most users due to Android’s multiple layers of defense. However, this new type of attack could potentially bypass these measures on devices with USB debugging enabled and verify apps disabled. Let us know your thoughts on Android malware in the comments below!

[Many thanks to XDA Forum Member dr.eXntriK for the tip!]


_________
Want something on the XDA Portal? Send us a tip!
TAGS:

Will Verduzco

willverduzco is an editor on XDA-Developers, the largest community for Android users. Will Verduzco is the Portal Administrator for the XDA-Developers Portal. He has been addicted to mobile technology since the HTC Wizard. But starting with the Nexus One, his gadget love affair shifted to Google's little green robot. He is also a Johns Hopkins University graduate in neuroscience and is now currently studying to become a physician. View willverduzco's posts and articles here.
Jimmy McGee · Jul 28, 2015 at 06:00 am · no comments

How Strong Is Your Connection? – XDA Xposed Tuesday

Everyone is always talking about their bars. How many bars of WiFi do they have? How many bars of 4G? What does a bar really represent? Does it give you any indication of the “strength” of the signal? Does it give you the throughput? If you had this information, you could know more about your data connections. In this episode of XDA Xposed Tuesday, XDA TV Producer TK reviews an Xposed Module that gives you the ability to put certain...

XDA NEWS
Mario Tomás Serrafero · Jul 27, 2015 at 11:29 pm · 1 comment

OnePlus 2 Announced: Specs, Price and Details

The OnePlus 2 has just had its Virtual Reality Launch event, and at the XDA Office we all watched it live to see the new Flagship Killer attempt to make us never settle for anything else. The event itself was streamed through the OnePlus 2 Launch application, and now that it is over, we know plenty about the specifications and everything the new device is offering.   The device features a premium design with metal edges and buttons and a...

XDA NEWS
Mike McCrary · Jul 27, 2015 at 03:19 pm · 2 comments

A Helpful Guide to Music Streaming Services

With the launch of Apple Music, music streaming services have recently gained a lot of consumer interest, and as usual, Apple's foray into the market has caused disruption, as competitors scramble to introduce new features and modify their pricing structures in order to better compete, and as fresh users new to the market continue to evaluate and decide which service would suit them the best.   While many people are quick to denounce all streaming services as being a variable of...

XDA NEWS