F-Secure analysts have announced that an Android tool named USB Cleaver is installed on Android and then sits and waits until the phone is connected to a Windows PC. Then it can gather information, such as passwords and network info, off the PC.
This particular attack is generally only a threat to computers running older versions of Windows, since it relies on Autorun, which is disabled by default on Windows 7 and later operating systems. But it illustrates how attackers can use popular smartphones to attack desktop and laptop systems and the networks to which they’re connected.
Read more:
http://www.h-online.com/security/news/item/Android-hack-tool-targets-Windows-PCs-1909347.html