January 30, 2014 No Comments-
Remember when governments were concerned about Avian Flu, the virus which crossed from birds into humans? It seems like we’re on the cusp of a similar thing in computing, as security researchers have discovered a piece of malware that will infect your PC in an attempt to access your Android smartphone.
The process of infection, to Windows PC and then to the smartphone, is a long one, but that doesn’t make it any less dangerous. It starts with the malware downloading itself onto your Windows computer, where it poses as a system service.
Once it reaches this stage, it will then download an APK file on to your computer. APKs are files that Android smartphones use to install software. The malware will then wait for an Android handset to be connected to the computer using a USB cable, after which it sends the APK onto the Android handset and installs the virus it was designed to deliver.
It all seems like a lot of effort, doesn’t it? Unfortunately, this shows the extreme lengths that criminals will go to in order to access your information. Any security hole – no matter how difficult to exploit – is at risk when malware writers are this determined.
The discovery of this malware is important for us Windows users, as it reminds us that having an infected computer can harm more than one system. In the past, if your computer had malware, there was a chance it could infect other people’s computers by emailing itself to your friends, or infecting your USB sticks. Now phones can be added to the list of technology that can be compromised from an infected PC.
The lesson is that it’s never been more important to ensure that your Windows PC is running a piece of anti-virus software.
The malware itself was designed to look for text message confirmation codes – the kind that some online banks use to confirm online payments. It seems like the malware writers were trying to steal money from people’s bank accounts, and wrote this virus to get the confirmation codes from Android phones.
This serves as a good reminder that even more advanced security techniques will be compromised by criminals if they’re not continually developed – even if the hack is a long, unwieldy one.
For now, most European and US users don’t have to worry about this exact virus, as it was designed specifically to look for South Korean banking websites to steal users’ information. However, it won’t be long before a similar technique finds its way into the Western world.
Norman Safeground Blogs Archive