The Trojan malware, which automatically records outgoing phone calls and stores them on the device’s SD card, was first uncovered by CA Technologies security researcher Dinesh Venkatesan, who specializes in a variety of nasty software, including “mobile threats.”
To test the Android malware, Venkatesan ran tests of the malicious software in “a controlled environment with two mobile emulators running along with simulated Internet services,” he writes on his blog. The test shows that, for the Trojan virus to install itself on a device, the user must actually click an “install” button, which appears on a prompt screen that looks much like other (legitimate) software.
Once the virus is installed, any call that’s made from the Android handset “triggers the payload,” writes Venkatesan, which means the call recording functionality is covertly launched on the device, and calls are saved to the SD card.
From what we’ve seen so far, it’s unclear where a user would download this software, or how the saved calls would be accessed by an outside party, though it’s possible that whoever developed the Trojan built this functionality into the software.
More disturbingly, Venkatesan says he and his colleagues in the security industry have noticed an “increasing trend in targeting mobile platforms.”
“As it is already widely acknowledged that this year is the year of mobile malware,” writes Venkatesan, “we advice the smartphone users to be more logical and exercise the basic security principles while surfing and installing any applications.”
According to a Juniper Networks report from May, Symbian and Microsoft Windows Mobile platforms have been the primary targets of hackers looking to tap into the hoards of unsuspecting smartphone users. This year, however, malware developers have begun working on worms for both Apple’s iOS and Google’s Android operating system. While iOS remains mostly secure, it is Android that has taken the biggest hit.
“Consumers can expect to see more advanced malware attacks against the Android platform,” the Juniper report says. Attacks could include, “command and control zombies and botnet participators, devices that are remotely controlled to execute malicious attacks.”
So be careful out there, Android users. The mobile world is becoming an increasingly dangerous place to live.