The security-minded folks at Kaspersky Lab [via Gizmodo] say they recently discovered the apps, made by the same company and offering the same services, in the Google Play store. The apps are one of many that claim to help improve the speed and performance of Android devices.
But when the user runs the apps, they download pieces of malware that infects the phone, granting remotes parties to capabilities for:
*Sending SMS messages
*Gathering information about the device
*Opening arbitrary links in a browser
*Uploading the SD card’s entire contents
*Uploading an arbitrary file (or folder) to the master’s server
*Uploading all SMS messages
*Deleting all SMS messages
*Uploading all the contacts/photos/coordinates from the device to the master
But the real kicker is what happens when the user plugs their phone into their computer via USB.
It appears that most Windows users are not at risk, as current versions of the OS have AutoRun turned off by default, meaning that the computer won’t automatically execute the phone’s malware when it’s plugged into the PC. But for those who have turned AutoRun on or are still using older versions of Windows, this malware could actually turn your computer’s microphone into a recording device that transmits the recorded sounds back to the malicious party.
“It is those users who use outdated OS versions that are targeted by this attack vector,” explains the Kaspersky tech. “Thus, a typical attack victim is the owner of an inexpensive Android smartphone who connects his or her smartphone to a PC from time to time, for example, to change the music files on the device. Judging by the sales statistics for Android smartphones, I would say that such people are quite numerous.”
The article does not link to either app, nor could we find the apps in the Google Play store, so perhaps — and hopefully — they are no longer available.
Regardless, this feels like a vision of things to come from malware creators, who will only get more creative as the world grows more dependent on smartphones.