ID: IRCNE2011081204
Date: 2011-08-02
According to “ComputerWorldUK”, a new Android Trojan is capable of recording phone conversations.
While a previous Trojan found by CA logged the details of incoming and outgoing phone calls and the call duration, the malware identified this week records the actual phone conversations in AMR format and stores the recordings on the device's SD card.
The malware also "drops a 'configuration' file that contains key information about the remote server and the parameters," CA security researcher Dinesh Venkatesan writes in a blog, perhaps suggesting that the recorded calls can be uploaded to a server maintained by an attacker. Venkatesan tested the Trojan in "a controlled environment with two mobile emulators running along with simulated Internet services," and posted screenshots with the results. It appears the Trojan can only be installed if the Android device owner clicks the "install" button on a message that looks strikingly similar to the installation screens of legitimate applications.
After the malware and the remote server configuration file are installed on the Android device, making a phone call "triggers the payload" -- in other words, recording the call and storing it on the SD card.
"As it is already widely acknowledged that this year is the year of mobile malware, we advice the smartphone users to be more logical and exercise the basic security principles while surfing and installing any applications," Venkatesan writes.
- 3