Criminals have developed an Android hack tool capable of siphoning vast amounts of data from compromised Windows PCs, according to Finnish security firm F-Secure.
F-Secure said the USBCleaver attack tool can steal numerous types of data from Windows PCs, including browser passwords stored on Firefox, Chrome and Internet Explorer and the PC's WiFi password and network information. F-Secure analyst Sean Sullivan confirmed to V3 while dangerous, the tool requires physical access to a machine to work, diminishing its threat to businesses.
"The key thing is access. The hack tool needs to connect to the Windows PC, typically via a USB cable. Physical security is critical. Business travellers should always shut down (not suspend) their computers and lock them up in the hotel's safe in order to avoid ‘evil maid' attacks. An attacker carrying a laptop and gear around a hotel might look suspicious. But somebody with a phone? Not at all," he said.
Sullivan added that such tools have been commonly carried and distributed via USB sticks in the past. "For a long time now there have been Linux boot hack-tool kits for netbooks and the like. USB Cleaver is an Android tool for hacking Windows computers. It effectively reduces the size and amount of the hardware that needs to be carried around," he said.
F-Secure reported there are already numerous other ways outside of physical measures able to protect users from the Android hack tool.
"Fortunately, USBCleaver's Windows-infecting routine can be blocked by a simple measure that's been standard security advice for the last couple of years: disabling the Autorun by default (this is already standard on Windows 7 machines). An additional mitigating factor is that most older Windows systems need to have mobile drivers manually installed in order for this attack to work," F-Secure noted.
The attack tool is one of many mobile threats being uncovered on Android. Generally the threats are Trojan applications sold on third-party marketplaces or phishing scams containing malware designed for Android, though numerous security vendors have reported detecting more advanced attacks targeting the platform. Most recently, McAfee reported finding advanced mobile malware able to infect Android smartphones and tablets via Bluetooth.