I've heard about a lot of terrible malware during my tenure here at AndroidPIT, but this particular threat is one of the worst I've ever heard of. I'm not saying you'll likely download it, but if you do and then happen connect your smartphone to your computer, you're s**t out of luck. This trojan horse is packed with evil.
The security firm Kapersky discovered a trojan horse malware that advertises itself as a "cleaner" app meant to free memory on your Android's OS, but goes insane once you've connected your smartphone to your computer.
Kapersky says the malware has the "most extensive feature set" it's ever seen in one mobile app. Here's the full list:
- Sending SMS messages.
- Enabling Wi-Fi.
- Gathering information about the device.
- Opening arbitrary links in a browser.
- Uploading the SD card’s entire contents.
- Uploading an arbitrary file (or folder) to the master’s server.
- Uploading all SMS messages.
- Deleting all SMS messages.
- Uploading all the contacts/photos/coordinates from the device to the master.
Once the app is installed on your Windows PC, it is capable of taken control of the microphone to record you. The app lists the running processes on your device and restarts them in the foreground to make it look like it's doing what you want it to do.
The app is called DroidCleaner – and has a sibling called Superclean – and both are still available on Google Play. Superclean even has 16 five-star reviews (likely posted by the developer's friends). It looks like they were uploaded by a Russian developer. Pro tip: don't download them. While you're at it, don't download any app that is not from a trusted source.
If you're interested in exactly how the malware code infects your smartphone and computer, check out the link below. It's rather fascinating!