Researchers at the antivirus firm Symantec have discovered malicious code that is able to infect Android mobile devices with banking malware during synchronization. The Android malware, which was designed to hit Windows users, can compromise a user's smartphone during file transfer, device syncing and backup management operations.
The file contains the information needed to download a malicious APK and store it in the following location on the infected PC:
The Android malware detected by the analysts seems to be specifically designed for the Korean population because the malicious APK searches for certain Korean online banking applications on the infected device.
The mobile device and the compromised PC communicate through a software bridge called Android Debug Bridge (ADB), a command-line tool that allows the malicious code to execute commands on an Android smartphone connected to the infected computer.
The Android Debug Bridge is a legitimate tool included in the Android software development kit (SDK). When a victim connects an Android device that has USB debugging mode enabled, the malicious code launches the installation process and infects the smartphone by dropping the Android malware. Once the Android malware has infected the device, it installs an app that appears as a Google App Store.
Android is the OS most targeted by cyber criminals because of its wide diffusion. Numerous families of malware were created in 2013 to hit mobile users, and an increasing number of hacking tools were available in the underground to attack this powerful platform.
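Because the infection path runs through ADB on the Windows host, process-creation logs on that host are one place to look for it. The following is an added example, not code from Symantec or from the original article: it flags `adb.exe` runs that install or push files from outside a sanctioned SDK directory. The trusted directory, the event field names and the sample events are all assumptions constructed for illustration.

```python
import shlex
from pathlib import PureWindowsPath

# Assumption: the one directory holding the sanctioned SDK copy of adb.exe.
TRUSTED_ADB_DIRS = {r"c:\android\sdk\platform-tools"}
# adb subcommands that copy files to, or install packages on, the device.
RISKY_SUBCOMMANDS = {"install", "install-multiple", "push"}
# adb global options that take a value (skipped together with that value).
OPTS_WITH_VALUE = {"-s", "-t", "-H", "-P", "-L"}

def adb_subcommand(command_line):
    """Return the first adb subcommand on a Windows command line, or None."""
    try:
        tokens = shlex.split(command_line, posix=False)[1:]  # drop executable
    except ValueError:  # unbalanced quotes: fall back to whitespace split
        tokens = command_line.split()[1:]
    skip_next = False
    for tok in tokens:
        if skip_next:
            skip_next = False
        elif tok in OPTS_WITH_VALUE:
            skip_next = True
        elif not tok.startswith("-"):
            return tok.lower()
    return None

def find_suspicious_adb(events):
    """Flag adb runs that install or push files from an untrusted directory."""
    hits = []
    for ev in events:
        image = PureWindowsPath(ev["image"])
        sub = adb_subcommand(ev["command_line"])
        trusted = str(image.parent).lower() in TRUSTED_ADB_DIRS
        if image.name.lower() == "adb.exe" and sub in RISKY_SUBCOMMANDS and not trusted:
            hits.append({"pid": ev["pid"], "image": ev["image"], "subcommand": sub})
    return hits

# Constructed process-creation events (not taken from the Symantec report).
SAMPLE_EVENTS = [
    {"pid": 2001, "image": r"C:\Android\sdk\platform-tools\adb.exe",
     "command_line": r'"C:\Android\sdk\platform-tools\adb.exe" -s emulator-5554 install app-debug.apk'},
    {"pid": 2002, "image": r"C:\Android\sdk\platform-tools\adb.exe",
     "command_line": "adb.exe devices"},
    {"pid": 4312, "image": r"C:\ProgramData\example-dir\adb.exe",
     "command_line": r'"C:\ProgramData\example-dir\adb.exe" install -r C:\ProgramData\example-dir\sample.apk'},
]

if __name__ == "__main__":
    print(find_suspicious_adb(SAMPLE_EVENTS))
```

On hosts that have no business running the Android SDK, the trusted set can be left empty so that any `adb.exe` install or push is reported.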
(Security Affairs – Android Malware, Banking trojan)