Tag Archives: autorun

Android security tips and Windows AutoRun protection

Posted on by

by Armando Orozco

Sick AndroidRecently, two applications designed with malicious intent were discovered within the Google Play application store.  The apps were built with a façade of being utility cleaners designed to help optimize Android-powered phones, but in reality, both apps had code built in designed to copy private files, including photos, and submit them to remote servers.

The applications, named SuperClean and DroidClean, did not stop there. Researchers also found that the malware was able to AutoRun on Windows PC devices when the phones were paired, and infect the main computer.  The malware was designed to record audio through the computer’s microphone.

AutoRun has often been used as a method of infection, and Microsoft has since sent a security fix out to Windows XP/Vista/7 in order to disable the exploitable element. In some cases, however, the feature might have been re-enabled by the user for convenience or never changed through a backlog of updates.

An application such as this has not been seen in the past, and is showing the creative methods through which malware coders are attempting to break through a computer’s security.  With the Android device acting as a Trojan horse for the infection, malicious code has the potential of bypassing established security parameters that typically keep endpoint users safe within their network.

While Webroot has classified the malicious apps, which have been removed from Google Play’s market, it goes to show that protective steps are necessary on all levels of devices to avoid an infection.  Below, we will highlight the steps you can take to help stay protected from attacks like these.

Android Devices:

  • Ensure the latest version of Webroot SecureAnywhere Mobile is installed from the official Google Play Android app store.

Webroot SecureAnywhere (PC users):

  • Ensure USB shield is enabled (on by default)
    • Steps: Open Webroot > Select PC Security Tab > Select Shields > Slide USB Shield to on (green)
    • Advanced users can modify USB heuristic settings:
      • Steps: Open Webroot > Select PC Security Tab > Select Scan > Select Change Scan Settings > Select Heuristics > Select USB > Select desired protection settings

For all users, we recommend ensuring that AutoRun is disabled on your computer.  Even though Microsoft rolled out updates to disable, it is possible it could be enabled.  Finally, always ensure you scan USB and other connected devices for malware before storing data or using on other PCs.

For more information and to keep up with the conversation, head to our community: http://bit.ly/11RKiFa

Source: SecureList http://www.securelist.com/en/blog/805/Mobile_attacks

April 2009 wrapup: Thumbdrives under threat

Posted on by

By Andrew Brandt

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to FurlAdd to Newsvine

We’ve just tallied the top 10 threats Webroot’s consumer products detected during the month of April, and some interesting trends appear to be shaping up.

Conficker aside, the first quarter of 2009 seemed to be dominated by worms that spread not only over a network, but to virtually anything you can plug into a USB port to store files. Thumbdrives and portable hard drives immediately come to mind, but so do  MP3 players, digital picture frames and memory cards — like the kind you’d use in cameras, cellphones, or videogame players.

April proved to be no different. It’s very much a case of what’s old is new again, reminiscent of the era when sharing an infected floppy disk could wreak havoc.

We’re also seeing malware distributors still trying to use old vulnerabilities to try to infect computers. Even JPEG image files containing the MS04-028 vulnerability code — a bug that was fixed in Windows four and a half years ago, are still floating around the net trying to take advantage of older, unpatched system, as are scripts attempting to exploit the ADODB.Stream vulnerability. If you ever needed a reason to run Windows Update, this is it.

Click onward to read the entire list. Continue reading