In Pictures: The 10 weirdest, wildest, most shocking security exploits ever

Surprise! Bad guys are getting creative

Bait-and-switch done wrong

Just a few weeks back, Kaspersky researchers discovered two apps in the Google Play Store—DroidCleaner and Superclean—that purport to restart all the running services on your phone, but get nasty when you connect your Android handset to your Windows PC as a disk drive (say, to transfer music or pictures).

If your PC has AutoRun enabled, code that the app hid deep in the root of your phone's SD Card executes and installs the malware. Once entrenched, the malware monitors your microphone. If it notices sound, it begins recording the audio, which it then encrypts and sends to the malware's master.

Devastating? Probably not. A novel twist on an old AutoRun vulnerability? Yes, indeed.

7 of 11

Comments on this image

There are currently no comments for this image.

Comments are now closed.