Android Malware on Google Play, installs Trojan on PC, uses microphone to record you

Kaspersky, one of the leading security firms around the world has found something shocking in one of the android apps, which is said to be designed to free some memory from the device. But, instead the app is sort of a malware designed to exploit any operating system attached to the device.

You might be wondering how an app installed in an android device can exploit a PC. Well, it’s true and we will prove it to you in this article. But, here we would like you to tell you some of the features of this malware, for the security team such varied features hasn’t been seen by them before in any malware:

Google-Play-Music-malware

* Sending SMS messages.

* Enabling Wi-Fi.

* Gathering information about the device.

* Opening arbitrary links in a browser.

* Uploading the SD card’s entire contents.

* Uploading an arbitrary file (or folder) to the master’s server.

* Uploading all SMS messages.

* Deleting all SMS messages.

* Uploading all the contacts/photos/coordinates from the device to the master.”

When one installs this app which is named as “cleaner” ( a name which replicate its function), the app like a normal app’s installation installs and reboots the device for its functions to work properly. But, which rebooting it isn’t allowing the functions to work properly, it’s allowing the files installed to work properly. The files installed, which are really unknown to the user involves: autorun.inf, folder.ico and svchosts.exe. These files are basically not installed at the directory user instructed for, but, in the memory card folder of the device. So, whenever the android device is attached to a PC, the svchosts.exe automatically starts running.

However, the malware for windows isn’t too devastating, but, one of the other features of this malware is somewhat fascinating or one can say an out of the box feature. This feature allows the attacker to get attached to the user’s microphone and get all the data over it. Whatever, the user says is transferred to the attacker automatically.

According to the researcher, this function only on the autorun function in the system, which is nowadays is disabled in most of the newer versions of windows, so, this attack could be more fitting for the previous of the windows. Here, researchers to regularly get upgraded to on newer versions of the operating system as old version could easily be exploited by the attackers.

One of the shocking facts was that this app was on Google play which is recommended by many leading websites as one of the safe sites of downloading apps. Now, experts say to only download the apps which have been downloaded in large numbers previously and are from a trusted supplier.

Waqas

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.