Droid spyware answers phone calls

Powered by SC Magazine
 

Ain't no secretary.

A malicious Android app that disguises itself as Google's new social networking platform, Google+, is capable of stealing data, and answering and recording incoming phone calls, researchers said this week.

The spyware app disguises itself as Google+ by installing itself with the name “Google ++,” Jamz Yaneza, threat research manager at Trend Micro.

The malware contained in the app shares the same code structure as previously discovered Android spyware that also can steal information and record phone calls made from infected devices.

Unlike the older variants, however, the new variant can automatically answer incoming phone calls on versions 2.2 and earlier.

“Once it is installed you won't know it is doing anything malicious,” Yaneza said.

The malware automatically answers incoming phone calls made from a predefined number of the attacker's choosing.

To conceal that it is answering a call, the malware first sets an infected device on silent mode and hides the dial pad. This allows attackers to stealthily eavesdrop on conversations occurring around the phone.

The app, which must be manually installed by a user to run, is currently being distributed on an unofficial Android  market, said Yaneza, who would not name the site.

It is not available in the official Google Android Market.

In addition to spying on users, the app is also capable of stealing data from infected devices, including text messages, call logs and GPS locations.

Stolen data is sent to a remote server in China, Yaneza said. The app can also receive commands, but only when they are sent from the attacker's predefined number. 

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition


Droid spyware answers phone calls
 
 
 
Top Stories
Innovating in the sleepy super industry
There’s little incentive to be on the bleeding edge, so why is Andrew Todd fighting so hard?
 
How technology will unify Toll
The systems headache formed through 15 years of acquisitions.
 
Immigration breached Privacy Act with data leak
Pilgrim slams "copy and paste" of asylum seeker data.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  38%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  7%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 835

Vote