Security researchers from the Chinese antivirus vendor Qihoo 360 have discovered Android malware that tries to infect Windows computers. The Android malware pretends to be WhatsApp or Telegram and is distributed through .APK file downloads, not through Google’s Play Store.
Once an Android user installs the malicious .APK file, the attackers gain full control over the device. Besides that, the malware will also place Windows malware in the device’s DCIM folder. This is the default folder where the camera saves photos. When a user copies photos from the DCIM folder on his Android device, to his Windows computer, the Windows malware is also copied.
When the user opens the malware on his Windows PC, the computer is also infected with malware. In this case, the malware is a remote access Trojan.
Qihoo 360 reports it’s the first time that Android malware is used to infect Windows computers. The malware has mainly been detected on devices in Turkey, Jordan and Syria.