Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

scan mobile phones for malware that can infect PC (windows-8.1)


  • Please log in to reply
13 replies to this topic

#1 anniyan

anniyan

  • Members
  • 222 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Under your bed, mwahahahahaha!
  • Local time:05:16 AM

Posted 06 February 2017 - 05:35 PM

i have 3 mobile-phones: (lollipop, eclair and windows-phone-8). i often connect them to my dad's laptop via USB. older androids can be connected as UMS, newer androids replace UMS by MTP and PTP. i recently found out that my dad's laptop has been infected. i dont want these mobile phones to be vectors of infections to my laptop. how can i remove from these phones, -malware that can infect PC(windows)- (using antivirus rescue disc from my PC, via USB)? i dont see a "scan for malware" option in the right-click context menu of the icon of my phone (and its subfolders) when i open it in file explorer in windows. so i am thinking of scanning them using an AV rescue disc. i have already downloaded updatable rescue discs of bitdefender and kaspersky. how am i to proceed?


Edited by hamluis, 18 February 2017 - 11:41 AM.
Moved from Android OS to Gen Security - Hamluis.


Become a BleepingComputer fan on Facebook
Have you seen.....Select Real Security

BC AdBot (Login to Remove)

 


#2 anniyan

anniyan
  • Topic Starter

  • Members
  • 222 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Under your bed, mwahahahahaha!
  • Local time:05:16 AM

Posted 14 February 2017 - 01:27 PM

can someone respond please? many thanks in advance !!!

Become a BleepingComputer fan on Facebook
Have you seen.....Select Real Security

#3 eth4n

eth4n

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:46 AM

Posted 20 February 2017 - 03:43 AM

Hi,

 

I doubt that malware for desktop Windows is really compatible with Windows Phone and Android. But, if you want to make sure there's no malware on the phone, your only choice is to backup your data from the phone and then flash it.

 

You can flash Windows Phone quite easily using their Windows Device Recovery Tool: https://support.microsoft.com/en-us/help/12379/windows-10-mobile-device-recovery-tool-faq

Android is more tricky and I'd recommend bringing it to a local store, unless it's a really old device, they should be able to help.


Regards,

Ethan

 

If I don't reply within 48 hours, feel free to PM me.


#4 anniyan

anniyan
  • Topic Starter

  • Members
  • 222 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Under your bed, mwahahahahaha!
  • Local time:05:16 AM

Posted 20 February 2017 - 02:52 PM

 

I doubt that malware for desktop Windows is really compatible with Windows Phone and Android.

yeah, malware written for desktop-windows CAN NOT infect operating systems of mobile phones. but they can copy themselves from an infected pc to the storage of mobile phones and can infect another desktop-windows system when i connect them to it. that is why, i am seeking a suggestion. but flashing the device is much of an overkill, right? can the storage of the mobile phones be mounted like an USB HDD in a rescue disk (which is linux-based) environment?

 

and thanks for the reply @eth4n :)


Edited by anniyan, 20 February 2017 - 02:53 PM.


Become a BleepingComputer fan on Facebook
Have you seen.....Select Real Security

#5 eth4n

eth4n

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:46 AM

Posted 20 February 2017 - 03:41 PM

I see. Unfortunately, as far as I know no rescue disk based on linux includes libmtp, so you cannot mount the storage there. But you can install a linux distro into a PC and install something like Sophos Antivirus for Linux into it: https://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-linux.aspx

 

I cannot confirm that it will work, but it should. :)


Regards,

Ethan

 

If I don't reply within 48 hours, feel free to PM me.


#6 JohnnyJammer

JohnnyJammer

  • Members
  • 1,114 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:QLD Australia
  • Local time:09:46 AM

Posted 20 February 2017 - 06:00 PM

I would have thought a java applet written for android could spread to Windows 8.^ and vice versa but i am yet to ever see or hear of malware written and spread on a Windows phone.

This is the main reason i use a windows phone because im yet to see any evidence of exploitation of these devices, besides microsoft knowing everything i do, but so does apple if you have any iDevices!



#7 eth4n

eth4n

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:46 AM

Posted 20 February 2017 - 07:23 PM

I would have thought a java applet written for android could spread to Windows 8.^

Have you ever seen anything like that? Pure curiosity.


Regards,

Ethan

 

If I don't reply within 48 hours, feel free to PM me.


#8 JohnnyJammer

JohnnyJammer

  • Members
  • 1,114 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:QLD Australia
  • Local time:09:46 AM

Posted 20 February 2017 - 11:00 PM

 

I would have thought a java applet written for android could spread to Windows 8.^

Have you ever seen anything like that? Pure curiosity.

 

No but anythign cross platform im sure could be exploited.

Didn't the stuxnet have this capability or the NSO have tools for this.

 

Always remember, because we may not see it doesnt mean it doesnt exist, IE(Like stuxnet or as some call it Olympic gate).

No one thought of exploiting PLC's either but it did happen!



#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,935 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:46 PM

Posted 22 February 2017 - 05:28 PM

I don't use Android, Smart Phones, Tablets, iPads, third party apps, etc...but this is what my Colleague Didier Stevens, Microsoft MVP Consumer Security has to say.

Several smartphone operating systems (OS) offer no API's at all for AV applications to be able to perform. In iOS (that's the OS of the iPhone), an AV app is like any other app, it has no special privileges or access so that it can monitor the phone resources for malware. So there can not be any good anti-virus programs for the iPhone, because the OS does not provide the features required for an AV program to be able to do a good job.


These are comments from Animal, Bleeping Computer Admin Post #10

...Android malware has to be installed by the user...Android as an OS is not as vulnerable as the pundits want to make it. Unlike Windows with Android you have to actually install malware. Thereby making the user the key to whether you become infected with malware while using Android. It doesn't self extract. However yes using a browser on unsafe sites is no different than on Windows. The browser is the key flaw here not Android.

However Windows allows self extracting malware via downloads and emails, etc. That's not the case with Android. You can download it but until you actually install it, nothing happens.


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#10 JohnnyJammer

JohnnyJammer

  • Members
  • 1,114 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:QLD Australia
  • Local time:09:46 AM

Posted 26 February 2017 - 07:39 PM

Should make the point that Windows would be the Windows operating system (Desktop) and not Windows phone operating system (Phone) because there is a massive difference!


Edited by JohnnyJammer, 26 February 2017 - 07:45 PM.


#11 anniyan

anniyan
  • Topic Starter

  • Members
  • 222 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Under your bed, mwahahahahaha!
  • Local time:05:16 AM

Posted 27 February 2017 - 01:27 PM

thanks a ton for all the above replies, but i need to re-iterate my query. @quietman7, forgive me, but, i did NOT ask about how to remove from my phones, malware that are written to infect android or windows-phone OSes. my dad's laptop running windows8.1 has some infection. and before knowing that, i had connected my 3 phones to it. now my fear is, if i connect any of my phones to another clean laptop, that new laptop will get infected right? it is like the situation explained here:
https://blog.lookout.com/blog/2010/08/31/malware-from-computers-spreading-through-smartphones/

i am just looking to avoid this using the AV-rescue-disks which i have downloaded, so as to clean my phones before connecting them to the new laptop.
PS. forgive my english if it sounds rude, coz, english is not my native language.

Become a BleepingComputer fan on Facebook
Have you seen.....Select Real Security

#12 JohnnyJammer

JohnnyJammer

  • Members
  • 1,114 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:QLD Australia
  • Local time:09:46 AM

Posted 27 February 2017 - 09:13 PM

NO because there only be a handfull of malware written for multiple platforms, only a state sponsor would write such malware and they would need to know the targets phone, desktop operating system, tablets etc.

it would have to be very specific to execute on multiple devices mate and its incredibly rare and generally not seen in the wild.



#13 anniyan

anniyan
  • Topic Starter

  • Members
  • 222 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Under your bed, mwahahahahaha!
  • Local time:05:16 AM

Posted 20 March 2017 - 03:25 PM

sorry about the late response. so, can i assume it is safe to connect the phones to an un-infected laptop, and be sure that the laptop wont get infected? is there no way to scan the phones for malware that can infect 'desktop-windows'?



Become a BleepingComputer fan on Facebook
Have you seen.....Select Real Security

#14 Rabh17

Rabh17

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 19 July 2017 - 02:48 PM

I have a slight derivation on the question of infection via Cellphone--

I've blocked off regular USB drives on my Office network workstation using the Regedit tweak in USBSTOR. But then one day, I noticed that a Lab consultant had successfully transferred files to a PC that was USBSTOR locked....the consultant was using her PHONE as a transfer device. At once, I went thru all the other workstations where every staffer was essentially using the PC as a Charging Station for their phone and saw various Phones LISTED in the AutoPlay control.

Now I am confident that except for the Lab Consultant, most no-one else even bothers to transfer files or anything. The USB connection is just a glorified Charging Port.  Most average people don't even HAVE plain USB thumbdrives anymore! But EVERYONE unthinkingly plugs their phone into the nearest USB slot they can find! Including your friends when they visit your home!

But the continuing pervasive spread of Ransomware kept niggling at me. So I enabled the GPEDIT tweak to deny read write to MTP/WPD devices. But then the thought occurred to me....

Maybe we're asking the WRONG QUESTION. Turn the question over. Don't use the word VIRUS. Instead use the word MALWARE. The PHONE doesn't have to be Infected. It just Needs to be a CARRIER. Millions of Phone users regularly download Freebie garbage apps that do pretty, amusing & useless stuff until they're bored with the app and then forget about it.

But they NEVER UNINSTALL it. Nevermind even bothering to look at what default Privileges the App has, including the functionality that keeps it alive and running in the background.

In short-- what if there was an APP that does NOTHING to the Phone, but it has one little module that does nothing but WAIT for the signal that the phone has just been connected to a Windows PC and recognized as a MTP device? And then, LIKE a Virus, it Injects its malware load across the link?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users