[guardian-dev] android malware activates mic on phone and exploits pc (with code!)

Abel Luck abel at guardianproject.info
Mon Feb 4 06:51:41 EST 2013


"Thus, a typical attack victim is the owner of an inexpensive Android
smartphone who connects his or her smartphone to a PC from time to time,
for example, to change the music files on the device. Judging by the
sales statistics for Android smartphones, I would say that such people
are quite numerous. For the attack to be more successful, it only lacks
a broader distribution scheme.

It is worth noting that the approach used by the author of these
applications is very well thought out. The app includes a vast range of
features. For instance, in addition to infecting workstations, the
Android version of the bot includes the following features:

    Sending SMS messages
    Enabling Wi-Fi
    Gathering information about the device
    Opening arbitrary links in a browser
    Uploading the SD card’s entire contents
    Uploading an arbitrary file (or folder) to the master’s server
    Uploading all SMS messages
    Deleting all SMS messages
    Uploading all the contacts/photos/coordinates from the device to the

This is the first time we have seen such an extensive feature set in one
mobile application."

More information about the Guardian-dev mailing list