A hacking tool discovered by analysts at F-Secure, which is capable of stealing information from a connected Windows machine. USBCleaver seems to be designed to facilitate a targeted attack by gathering details that would be helpful in a later infiltration attempt.
To use the application, hacker must install an application called USB Cleaver on his Android device. Once executed, the app downloads a ZIP file from a remote server and then unzips the downloaded file to the following location: /mnt/sdcard/usbcleaver/system folder.
Tools is design to steal information like Browser passwords (Firefox, Chrome and IE), PC’s Wi-Fi password, The PC’s network information etc.
When the device is then plugged into a PC, /mnt/sdcard is mounted and, if autorun is enabled, go.bat and the payload are executed. The app allows the user to select what type of information should be harvested. The utilities save their results in /mnt/sdcard/usbcleaver/logs which the app user can view later by clicking “Log files” in the app.
Most older Windows systems need to have mobile drivers manually installed in order for this attack to work. You can Download USB Cleaver here.