Android hack tool harvests info from PCs
Posted on 01.07.2013
Stealing information is a piece of cake if you can manage to get malware on the target's Windows computer, but did you know that it can also be as easy as connecting your Android device to it and running an app?

An F-Secure security response analysts has discovered the existence of a hack-tool / app called USB Cleaver that can do just that.

Once installed and launched, the app first asks the user to download additional files that it then stashes in the /mnt/sdcard/usbcleaver/system folder.

These files are utilities whose function is to retrieve specified pieces of information from a Windows machine:



The data that the app / utilities collect is stored on the device (/mnt/sdcard/usbcleaver/logs) and the attacker can review it by clicking on the "Log Files" button.

"Fortunately, USBCleaver's Windows-infecting routine can be blocked by a simple measure that's been standard security advice for the last couple years: disabling the Autorun by default (this is already standard on Windows 7 machines)," the analysts pointed out.

"An additional mitigating factor is that most older Windows systems need to have mobile drivers manually installed in order for this attack to work."

Also, F-Secure's AV solutions detects as malicious most of the downloaded utilities already.









Spotlight

What can we learn from the top 10 biggest data breaches?

Posted on 21 August 2014.  |  Here's a list of the top 10 biggest data breaches of the last five years. It identifies the cause of each breach as well as the resulting financial and reputation damage suffered by each company.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //