According to a recent research, a new malware targeting Android devices is capable of recording calls and uploading them to online servers without user’s permission. Prior to this, researchers found that about 8% Android applications leak private information.
The research was conducted by security researchers of CA Technologies, an IT management and Consulting Company — they later observed the functionality of the Trojan with the help of an emulator.
The users actually get deceived by a so-called harmless application (actually a Trojan) which prompts to install the application on user’s smartphone. Once the installation is finished, it downloads a file from the remote server without user’s permission. After that, if a user makes a phone call, the malware records the conversation and saves it as an .amr file on the phone’s SD card.
Thus malware is very much harmful compared to the previous ones, which were capable of having only log details of incoming/outgoing calls in text form.
The researchers also suspected that if this Trojan is capable of downloading a file then it might have the capability to upload files as well.
According to CA Technologies:
We have been recently blogging about many Android malware as the threat landscape has been witnessing an increasing trend in targeting the mobile platforms and today we have received an Android package to our collection and observed that this piece of malware walks an additional mile by having a neat configuration and has a capability to record the telephonic conversation the infected victim makes. In one of our earlier blogs, we have demonstrated how a Trojan logs all the details of incoming/outgoing calls and call duration in a text file. This Trojan is more advanced as it records the conversation itself in “amr” format. Also it has got many other malicious activities that we have seen in many of the earlier malware incidents targeted for Android platform.
As it is already widely acknowledged that this year is the year of mobile malware, we advice the smartphone users to be more logical and exercise the basic security principles while surfing and installing any applications.
The malware problems on Android have become high because of the lack of regulations in the application uploading process on the Android market. On the other hand, lack of rules does have it’s advantages — developers can build their own application without worrying about Google i.e. it will accept the application or not.
To make your phone secure, we recommend that you install a security suite on your Android smartphone.