“While a previous Trojan found by CA logged the details of incoming and outgoing phone calls and the call duration, the malware identified this week records the actual phone conversations in AMR format and stores the recordings on the device’s SD card,” Brodkin reports. “The malware also “drops a ‘configuration’ file that contains key information about the remote server and the parameters,” CA security researcher Dinesh Venkatesan writes in a blog, perhaps suggesting that the recorded calls can be uploaded to a server maintained by an attacker.”
Brodkin reports, “It appears the Trojan can only be installed if the Android device owner clicks the ‘install’ button on a message that looks strikingly similar to the installation screens of legitimate applications.”
Read more in the full article here.
MacDailyNews Take: Ah, the price of a pretend iPhone that’s “open” in all the wrong ways.
[Thanks to MacDailyNews Reader “krquet” for the heads up.]