Android Trojan records phone calls

Jon Brodkin (Network World)
02 August, 2011 07:29
Comments

A new Android Trojan is capable of recording phone conversations, according to a CA security researcher.

While a previous Trojan found by CA logged the details of incoming and outgoing phone calls and the call duration, the malware identified this week records the actual phone conversations in AMR format and stores the recordings on the device's SD card.

The malware also "drops a 'configuration' file that contains key information about the remote server and the parameters," CA security researcher Dinesh Venkatesan writes in a blog, perhaps suggesting that the recorded calls can be uploaded to a server maintained by an attacker.

TARGET: Malware writers gunning for Google Android

Venkatesan tested the Trojan in "a controlled environment with two mobile emulators running along with simulated Internet services," and posted screenshots with the results. It appears the Trojan can only be installed if the Android device owner clicks the "install" button on a message that looks strikingly similar to the installation screens of legitimate applications.

After the malware and the remote server configuration file are installed on the Android device, making a phone call "triggers the payload" -- in other words, recording the call and storing it on the SD card.

"As it is already widely acknowledged that this year is the year of mobile malware, we advice the smartphone users to be more logical and exercise the basic security principles while surfing and installing any applications," Venkatesan writes.

While Android provides more flexibility than the iPhone by allowing installation of third-party applications, even those that were not approved for the Android Market, this freedom seems to come with increased security risk. Malware-infected applications have also been found in the Android Market itself, but users can protect themselves by installing antivirus software, just as they would on a PC.

Follow Jon Brodkin on Twitter: www.twitter.com/jbrodkin

Read more about wide area network in Network World's Wide Area Network section.

Bookmark this page
Share this article
- facebook
- slashdot
- digg
- Reddit
- stumbleupon
- linkedin
- twitter
Got more on this story? Email ARN
Follow ARN on twitter

More about: CA Technologies, Google, LAN

References show all

Comments are now closed.

Share
Share this article1
- google+
- facebook facebook
- slashdot slashdot
- digg digg
- Reddit Reddit
- stumbleupon stumbleupon
- linkedin linkedin
- twitter twitter
print
email
Bookmark

Related Coverage

Related Whitepapers

Latest Stories

Community Comments

"It really is pretty cool. Let's keep passing it on everybody. Here ..."

Barracuda Networks raises free capacity of Copy.com to 15GB
"This is an amazing offer, 20 GB free online storage and SYNC ..."

Barracuda Networks raises free capacity of Copy.com to 15GB
"Get free 22GB forever here (complete register and install apps) and unlimited ..."

Barracuda Networks raises free capacity of Copy.com to 15GB
"Why wouldn't you use HelloSign? It's a much more mature product."

Aussie start up launches online document platform
"Using Copy to backup photos, works great. Here is a new unused ..."

Barracuda Networks raises free capacity of Copy.com to 15GB

Tags: Networking, wireless, Android, software, anti-malware, malware, cybercrime, consumer electronics, Google, security, mobile security, smartphones, legal

ARN Directory | Distributors relevant to this article

Aquion , Express Data , Topstar Computer International , Westcon Group

ARN Directory | Vendors relevant to this article

Most Read

Get exclusive access to ARN's news, research and invitation only events.

Featured Resources

Modernizing Security for the Small and Mid-Sized Business – Recommendations for 2013 (Sponsored by McAfee)

As small and mid-sized businesses (SMBs) take advantage of the compelling benefits of the transformations in their IT computing infrastructure they should also re-think how they deal with the corresponding vulnerabilities, threats and risks. Specifically, email security, web security and secure file sharing should be considered foundational security capabilities for every small and mid-sized business, in addition to anti-virus and firewalls.

Most Commented

ARN Distributor Directory

Find distributors by name | vendor | location

Channel Deals

ACA Pacific

ABBYY FineReader 11. The Professionals choice for Intelligent OCR.

More details »

ARN Vendor Directory

Find vendors by name | category

iAsset is a channel management ecosystem that automates all major aspects of the entire sales,marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.

Latest Jobs