New Android Trojan Records Your Phone Conversations
Before disclosing any personal identification via phone conversations on your Android device, you might want to see if you have any eavesdropping Trojan on your handset.
As reported by Dinesh Venkatesan of CA Technologies, the malware drops a configuration file on the victim’s device. Then, it will record and store phone conversations as AMR format on the user’s SD card. It is also assumed that the Tojan can upload these conversations to a remote server maintained by the malware’s author.
However, Dinesh Venkatesan did not disclose how he came across the Android Trojan. But he explained that he tested the malicious eavesdropping software in “a controlled environment with two mobile emulators running along with simulated Internet services.”
The screenshot posted below also confirms that the malware must ask permission before it can install itself on the device.
But why would someone wants to record a phone conversation? It can be due to account passwords, social security numbers, and any number of personal information that is verbally exchanged with bill collectors over the phone. However, it can also be cumbersome for the eavesdropper, as phone conversations could also contain garbage talks.
Still, mobile phone owners cannot erase the fact that it is the year of handset malwares. As Dinesh Venkatesan also said:
“As it is already widely acknowledged that this year is the year of mobile malware, we advice the smartphone users to be more logical and exercise the basic security principles while surfing and installing any applications.”
But assuming that Google can filter out any disguised malwares in the Android Market, it is easier said than done.View Article Source »