Symantec is warning businesses and consumers about a new computer Trojan program that can install mobile banking malware on Android devices connected to infected PCs. This is an unusual method, as in the past, mobile attackers infected devices using social engineering and fake applications hosted on third-party app stores.
Fortunately, the Trojan program won’t work unless the option called “USB debugging” is enabled on your Android device.
USB debugging is used to perform some operations, such as rooting the OS, installing custom Android firmware, or taking screen shots on devices running older Android versions.
This feature isn’t often used, but if you’ve turned it on, it’s critical to disable USB debugging immediately.
The Trojan program also intercepts SMS messages received on the user’s device and sends them to a remote service. This is usually done if the message contains transaction authorization sent by banks. Ultimately, the attacker’s goal is to perform financial fraud.
It’s important to disable the USB debugging feature on your Android device and be careful when connecting your device to an unfamiliar PC.
To learn more about mobile malware and how to protect your mobile devices, give us a call or send us an email. We can help you protect your confidential data from the latest security threats.