The Android OS has had its fair share of malware scares over the years, often drawing comparisons with its competitor iOS, who apparently has a pretty clean sheet. A new malware has reared its head in the last few days, found by Symantec, but while most Android malware targets the OS from within, this latest one takes a slightly different route. Trojan.Droidpak is its name and it is a piece of Windows Malware that attempts to infect Android.
So how exactly does it do this? Flora Liu from Symantec explains:
The infection starts with a Trojan named Trojan.Droidpak. It drops a malicious DLL (also detected as Trojan.Droidpak) and registers it as a system service. This DLL then downloads a configuration file from [a] remote server… It then parses the configuration file in order to download a malicious APK
The file also continues to do malicious things such as downloading Android Debug Bridge and searching for Korean online banking apps, prompting the user to replace them with infected versions; all-in-all, a pretty nasty piece of code. So how do you avoid the risk of becoming victim to Trojan.Droidpak? Symantec has these suggestions for you:
Turn off USB debugging on your Android device when you are not using it
Exercise caution when connecting your mobile device to untrustworthy computers