Android Malware Crosses Over to Windows via USB

A new piece of malware discovered by Kapersky Lab uses smart phones to install malware onto Windows-based PCs.

According to a blog post on SecureList last week, the Android-based malware was embedded in apps distributed through the Play Store. The apps, which are no longer available for download, purported to be Android system optimizers. Once executed, they downloaded three files from a specified URL containing the malware designed to execute on Windows-based systems when the phone was connected to the PC via USB.

Its purpose seems to have been to record, encrypt, and upload audio when the infected PC's mic detected sounds.

While the malware, Backdoor.MSIL.Ssucl.a, may not be not terribly sophisticated in and of itself, the approach to infecting the PC is novel, representing "a new attack vector" for Windows malware, as Kapersky's Victor Chebyshev noted in his SecureList post.

The software also contained features that affected the Android devices themselves. For example, the software could open URLs in a Web browser, upload the entire contents of the user's SD card, and steal contacts and messages, among many other capabilities, Chebyshev explained.

Complete details about the malware, including screen shots and samples of the offending code, can be found on SecureList.

About the Author

David Nagel is the former editorial director of 1105 Media's Education Group and editor-in-chief of THE Journal, STEAM Universe, and Spaces4Learning. A 30-year publishing veteran, Nagel has led or contributed to dozens of technology, art, marketing, media, and business publications.

He can be reached at [email protected]. You can also connect with him on LinkedIn at https://www.linkedin.com/in/davidrnagel/ .


Featured

  • geometric pattern of books arranged in a grid, connected by sleek, glowing lines resembling circuitry

    Edthena, Digital Promise Combine 'Science of Reading' Resources for Teachers

    To better equip educators with the skills to practice Science of Reading instruction, Edthena is collaborating with nonprofit Digital Promise.

  • Abstract illustration of a human news reporter interviewing an AI with a microphone

    AI on AI in Education: A Dialogue

    Scholars are doing lots of asking and predicting about the risks and rewards of generative artificial intelligence in school, but has anyone asked the all-knowing chatbots?

  • stylized illustration of a global AI treaty signing, featuring diverse human figures seated around a round table

    First Global Treaty to Regulate AI Signed

    The United States, United Kingdom, European Union, and several other countries have signed "The Framework Convention on Artificial Intelligence, Human Rights, Democracy, and the Rule of Law," the world's first legally binding treaty aimed at regulating the use of artificial intelligence (AI).

  • Human Error Remains the Leading Cause of Cloud Data Breaches

    Human error is still one of the biggest threats to cloud security, despite all the technology bells and whistles and alerts and services out there, from multi-factor authentication, to social engineering training, to enterprise-wide integrated cybersecurity platforms, and more.