updated 09:40 pm EDT, Mon August 1, 2011
Malware tricks users into installing Trojan
A virus targeting Android devices is reportedly capable of recording a user's phone conversations, according to security researchers at CA Technologies. The Trojan's call recording functionality is said to represent a significant step forward, as earlier viruses merely logged information such as phone numbers and call duration.
CA's Dinesh Venkatesan ran the Trojan using an emulator to observe its functionality. Users are duped into installing the virus by an approval prompt that mimics the permissions dialog of a standard Android Market app. The malware then loads itself onto the device and adds remote server configuration file.
Every time a user places a phone call, the Trojan records the conversation and saves it to an AMR file on the phone's SD card. Researchers suspect the remote server files enable the malware to upload the AMR files to be accessed by the attackers.
"As it is already widely acknowledged that this year is the year of mobile malware, we advice the smartphone users to be more logical and exercise the basic security principles while surfing and installing any applications," concluded Venkatesan. [via NetworkWorld]