Criminals start to attack Android phone users via Windows

News by Tim Ring

New malware that attacks Android phone users through their Windows operating systems has been revealed by Symantec

Researchers at the anti-virus company revealed the ‘Trojan.Droidpak' bug in a January 23 blog post, and detailed how it infects Windows PCs and laptops before downloading the malware onto any Android phone that connects to the aforementioned devices via the USB port.

The attack is narrowly focused on developers who use the Android Debug Bridge (ADB) and Java Development Kit software, while the Fakebank malware that it injects aims to steal the credentials of online users of Korean banks.

But experts are highlighting the threat because they believe it may mark the onset of more widespread Windows-based attacks on Android users.

Symantec threat analyst Alan Neville told “It's showing that attackers are taking other avenues in order to try and get malware onto Android phones, and not just relying on the users to either surf on malicious websites or download dodgy applications.

“They are trying to basically target Android devices on a wider scale where a lot more users will use Windows operating systems. We haven't seen a lot of Windows malware actually attempting to cross-platform into Android.”

Rob Miller, security consultant at information security consultancy MWR InfoSecurity, agreed and told that malware authors are now taking Android as seriously as Windows when it comes to attacks.

“The initial view of this is it is potentially very interesting and it definitely shows a sign that malware writers are looking at attacking Android phones as seriously as they would attack desktop PCs,” he said.

Neville, meanwhile, added that Android devices are tempting to cyber attackers because they are easier to exploit than other smartphones.

“When you compare the likes of other phones, Android is quite open to download applications not just from Google Play, but users download applications from third-party stores as well, and those stores can contain malicious Trojanised applications.”

Last week's Cisco 2014 Annual Security Report also underlined the growing appeal of Android among attackers, finding that 99 percent of all mobile malware currently targets Android devices.

The Fakebank discovery follows a report by FireEye researchers earlier this month that a long-standing Android vulnerability - which allows hackers to potentially take control of any Android application that accesses standard adverts downloaded from stores like Google Play - is now being actively exploited.

The JavaScript Binding Over HTTP and related JavaScript Sidedoor malware may be present in “literally billions of app downloads“, FireEye told earlier this month.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews