There's a new Android trojan in town, and it's secret weapon is the ability to record your phone conversations. At least, that's what CA Technologies' Dinesh Venkatesan claims in his latest blog.
According to the report, the malware drops a “configuration” file — one that contains key information about the remote server and the parameters — once it's installed on the victim's device. It then records and stores phone conversations in AMR format on the consumer's SD card. Based on the configuration file, it's assumed that the trojan also has the ability to upload these conversations to a remote server maintained by the trojan's author.
The news is a step up from last week's report of a trojan that logged details of incoming and outgoing phone calls, and their duration. Venkatesan didn't say how he came across the new malicious package, but explains that he tested the eavesdropping malware in “a controlled environment with two mobile emulators running along with simulated Internet services.” One screenshot confirms that the malware must ask permission before installing itself on the device, emulating a legitimate app.
“Making a phone call from the victim device to trigger the payload,” reads one screenshot caption. “As the conversation goes on, the Trojan stores the recorded call in a directory shangzhou/callrecord in the SD Card.” The file was saved as “20110731012842001.amr” and could be played back in VLC Media Player. The actual size of the audio file wasn't given.
“As it is already widely acknowledged that this year is the year of mobile malware, we advise the smartphone users to be more logical and exercise the basic security principles while surfing and installing any applications,” he said.
Of course, that's easier said than done when consumers place their trust in Google and assumes that the search engine giant is on the ball by filtering out any disguised malware lurking on the Android Market. And while Android has the upper hand over Apple's iOS in terms of development freedom, installing apps from outside the Android Market / Amazon Appstore circle is certainly risky business.
So why would anyone want to record a stranger's conversation? Simple. Account passwords, social security numbers - any number of personal information that's typically exchanged verbally with bill collectors over the phone. But wading through all the other garbage - simple talk, dirty talk, business talk etc - is another story. That would take a load of patience.
source: 2DayBlog.com