Although currently this Malware is confined to Androids, that doesn’t mean it won’t be making an appearance on your other operating systems soon.
A few applications in the Google Play Store have been sneaking around and masquerading as legitimate downloads when, in fact, they are not. Kaspersky, a well-known cybersecurity company, found both applications claimed to “clean up” your tablet or smartphone. When downloaded, these pieces of software began to snoop a device. Once the Android phone or tablet was plugged into a computer, files would automatically download to Windows-based machines and trigger the audio recording function in Windows. The file would record for a few days and then send the content back to the malware distributor.
Anyone who has re-enabled AutoRun or uses an older version of Windows is at risk, as the malware only works if AutoRun is running. An Android device would have also had to come in contact with the PC via USB connection, but obviously this is much more common than AutoRun.
“A typical attack victim is the owner of an inexpensive Android smartphone who connects his or her smartphone to a PC from time to time, for example, to change the music files on the device,” Kaspersky’s blog mentioned. “Judging by the sales statistics for Android smartphones, I would say that such people are quite numerous. For the attack to be more successful, it only lacks a broader distribution scheme.”
The two applications that were originally the issue, Superclean and DroidCleaner, are no longer available on Google Play. However, the fact that they were ever there in the first place indicates how important it is that Android users keep an eye out for further problems when they download an app.