In association with heise online

01 July 2013, 15:00

Android hack-tool targets Windows PCs

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Leave it to USB Cleaver
Leave it to USB Cleaver
Source: F-Secure
"USB Cleaver" is the name of a hacking tool discovered by analysts at F-Secure which doesn't go after the Android devices data – instead its designed to steal information from PCs. The tool only works though if autorun is enabled on the PC, and, in newer versions of Windows, that is disabled by default.

The Android app first downloads a 3MB ZIP file which it unpacks into a folder on the device's SD card. The files themselves are just various utilities that can grab information like Firefox, Chrome or IE passwords, the PCs Hacktool options
Zoom USB Cleaver's gathering options
Source: F-Secure
Wi-Fi password or other network information. The prospective attacker can use the app to select what information, and by extension what utilities, are configured to be run by autorun.inf and a go.bat batchfile in /mnt/sdcard. When the device is then plugged into a PC, /mnt/sdcard is mounted and, if autorun is enabled, go.bat and the payload are executed. The utilities save their results in /mnt/sdcard/usbcleaver/logs which the app user can view later by clicking "Log files" in the app.

The malware seems to be designed to assist a targeted attack by helping gather details but is mitigated by the fact that Windows 7 and later have disabled autorun and older versions of Windows may well need mobile drivers to be installed to allow the attack to work.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit