Android malware on Google Play installs trojans on PCs

MANILA, Philippines - If you own an inexpensive Android phone and are looking to improve its performance, you will want to be more careful with the kind of "cleanup" apps you download off Google Play.

Internet security group Kaspersky recently put up a post about malware on the Google Play store. The malware misrepresents itself as one of those "cleanup" apps that free up memory on your smartphone.

The malware, when it is run on a mobile device, looks like it is doing what it advertises by restarting the apps. What's unseen, however, is how the app downloads three files onto your SD card: autorun.inf, folder.ico, and svchosts.exe.

When a user connects his infected device to his PC and runs it on USB emulation mode, such as when trying to transfer files to and from the device to the PC, it executes the malware from the device into the PC.

The malware appears to take control of any connected microphones to record audio input. It then encrypts the recordings and sends them to the malware maker.

Kaspersky notes how this malware can affect a large number of Android users. As Victor Chebyshev writes in the Kaspersky report, "a typical attack victim is the owner of an inexpensive Android smartphone who connects his or her smartphone to a PC from time to time, for example, to change the music files on the device. Judging by the sales statistics for Android smartphones, I would say that such people are quite numerous." -


Victor Barreiro Jr.

Victor Barreiro Jr is part of Rappler's Central Desk. An avid patron of role-playing games and science fiction and fantasy shows, he also yearns to do good in the world, and hopes his work with Rappler helps to increase the good that's out there.