Malicious Android Applications on Google Play Infect Windows PC

Malicious Android Applications on Google Play Infect Windows PC

Would you share this Article with others?

Two malicious Android applications have been discovered in Google Play application store. The names of the application are Superclean and DroidCleaner. These applications can copy your photos, SMS messages, contacts and other files and send them to a remote server on the internet.

The malicious applications Superclean and DroidCleaner tricked Smartphones users into downloading them by, claiming to be utility optimizers or cleaners. Utility optimizers or cleaners are applications which help to speed up your Smartphone.

malicious Android application Superclean  malicious Android application DroidCleaner

If one of these malicious applications is downloaded and executed, it downloads the following files onto the Smartphone from a remote server:

  • autorun.inf
  • folder.ico
  • svchosts.exe

These are files that operate on a Windows computer (PC).

Once the same infected Smartphone is connected to a PC, the auto-run feature in Windows will automatically execute the malicious file svchosts.exe on the Smartphone which will infect the PC with the malware Backdoor.MSIL.Ssucl.a.

This malware is used to record audio through a computer microphone and send the recorded audio to a remote server on the internet. This malware spies on you by recording everything that is said and sending it to the hackers who created it.

Current versions of Windows have disabled the auto-run feature but, the older or outdated versions of Windows may still have this feature enabled. These outdates versions of Windows are the ones that are most vulnerable to infection from these Smartphone applications.

The malicious Android applications Superclean and DroidCleaner can also do the following:

  • Send SMS messages
  • Enable Wi-Fi
  • Gather information about your phone
  • Open random links in a browser
  • Upload your phone's SD card’s entire contents to a remote server
  • Upload all SMS messages
  • Delete all SMS messages
  • Upload all the contacts and photos from your phone to a remote server

 Both applications have been removed from the Google Play application store.

Note: Some of the names, addresses, email addresses, telephone numbers or other information in samples on this website may have been impersonated or spoofed.

Please share what you know or ask a question about this article by leaving a comment below. Check the comment section below for additional information, if there is any. Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: And, report missing persons, scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent. Also, to quickly find answers to your questions, use our search engine.

You can help maintain Online Threat Alerts (OTA) by paying a service fee. Click here to make payment.

Comments, Questions, Answers, or Reviews
There are no comments as yet, please leave one below or revisit.

To help protect your privacy, please do not post or remove, your full name, telephone number, email address, username, password, account number, credit card information, home address or other sensitive information in or from your comments, questions, or reviews.

Write Your Comment, Question, Answer, or Review
Write your comment, question, answer, or review in the box below to share what you know or to get answers. NB: We will use your IP address to display your approximate location to other users.
Your comment, question, answer, or review will be posted as an anonymous user because you are not signed in. Anonymous posts cannot be edited or deleted. Sign-in.

Malicious Android Applications on Google Play Infect Windows PC