Trojan uses Android LiveCD for PCs as bait

by CXOtoday Staff    Jun 11, 2010

As people’s interest in trying out the new Android OS for x86 platforms grows, cybercriminals are looking to exploit vulnerable users wanting to install the OS on their PCs. A quick search on the Internet for "Android on PC" returns a long list of sites offering the possibility to test the new OS on x86 Windows platforms. However a fake webpage which promises the OS for PCs, actually delivers a Trojan.

Original Live Android site vs. Fake Live
Android site

A closer look at the fallacious site and at the downloaded file reveals
several differences, the most important of which being that the
downloaded file should have an .iso image, not an .exe extension. The
sites may look the same, but there are a few minor details that will set
the bogus apart from the genuine one (as indicated in the screenshots
below)


Trojan instead of Android OS

Identified as Trojan.Generic.KD.13718, this piece of malware affects only Windows platforms and contains malicious or potentially unwanted software which it drops and installs on the system. Frequently, it installs a backdoor which allows remote, stealthy access to the infected system. This backdoor may then be used by cybercriminals to upload and install additional malicious or potentially unwanted software on the captured system.