Trend Micro security researchers have discovered a new application for Android mobile malware that disguises itself as Google +. The application has the ability to record phone calls, and collect GPS location phone, text messages and call logs, all of which are sent to remote servers.
The application installs itself on the Android devices under the guise of Google + application using the Google icon + disguise myself in Android applications and services list.
Malware is a version of the previously detected ANDROIDOS_NICKISPY.(A) and (B) because it uses the same code structure found within those applications. This particular version is called ANDROIDOS_NICISPY.(C).
In this case at least, it is unlikely that the malware is especially prevalent, as it is not listed in the Android market. The application displays only for mobile phone users who unknowingly visit malicious Web site. And delete as simple as uninstalling the application.
Interestingly, here's how quickly malware authors used the hype about Google's new social network to their advantage. Not even 2 months and Google + has already been used as cover for mobile malware.
In addition to recording calls and collect personal data from the device, the malware can also receive commands via text message that explains the Trend Micro threat analyst Mark Balanza. To do this, it requires the sender to use predefined controller» number from an application configuration file to run all commands.
But the uniqueness of this malware especially Balanza says is its ability to record calls automatically, what other options do not. To answer calls, you must disable the screen of the phone and call should come from a certain telephone number in the application configuration file. Before you answer, the app puts phone into silent mode and hides the dial pad. And when is a phone call, the screen goes blank.
It is important to note that the "auto reply" feature of the malware can only affect Android version 2.2 and below how MODIFY_PHONE_STATE permission was disabled in Android 2.3. Again, this is another very good example to why manufacturers and carriers should not hold back the Android OS updates from pushed to consumer devices.
The Android operating system becomes a target for malware, such as this, the security firm lookout reported earlier this month. Android users are two and 1.5 times faced with malware today than just 6 months ago. And half a million to one million users were affected by the Android malware this year alone. Although this individual application can only be a minor threat, combined with all other for many months, the threat of malware is becoming a problem for Android users, developers, carriers and OEMs.
No comments:
Post a Comment