Underground malware pushers have created an Android app that can be used to steal data from PCs, whose highly-targeted nature has surprised researchers.
The tool was discovered on a Chinese language hacker forum and affects Android and Windows users. It installs an app named USBCleaver, which, upon launch, directs victims to download a ZIP file from a remote server.
Additional files are saved on to the user’s system, which direct the Android device to extract data from a Windows machine when connected via USB. That data includes browser passwords, affecting the three most popular browsers: Firefox, Chrome and Internet Explorer.
The PCs Wi-Fi password and the PC’s network information are also siphoned off, F-Secure said. The company noted the malware’s uniqueness lay in its targeted nature.
“USBCleaver seems to be designed to facilitate a targeted attack by gathering details that would be helpful in a later infiltration attempt,” F-Secure said in a blog post.
“To run the utilities, the sample creates an autorun.inf and go.bat file at /mnt/sdcard. When the device is connected to a Windows computer, the autorun script gets triggered, which then silently runs the go.bat file in the background, which in turn runs the specified files from the usbcleaver/system folder.
“The collected details are stored on the device at /mnt/sdcard/usbcleaver/logs.The app’s user can click on the ‘Log Files’ button to view the information retrieved from the PC.”
F-Secure advised users to disable autorun by default, as this should prevent the threat working.
Android malware continues to be the scourge of the mobile world. Juniper Networks recently claimed Android was the target for 92 percent of all known mobile malware.
Think you know everything about Android? Try our quiz!
Thoma Bravo agrees to acquire Darktrace for $5.32 billion in cash, delivering some welcome news…
Customer adoption of AI services embedded in cloud services continues to deliver results for Microsoft,…
TikTok's 'secret source' algorithm is so core to ByteDance, it would rather shut down US…
After relocating from California to Texas in 2020, Oracle's Larry Ellison now reveals plan to…
Share price hit after Meta admits heavy AI spending plans, after posting strong first quarter…
For third time Google delays phase-out of third-party Chrome cookies after pushback from industry and…