Android malware records phone calls; iPhone users unaffected

“A new Android Trojan is capable of recording phone conversations, according to a CA security researcher,” Jon Brodkin reports for Network World.

“While a previous Trojan found by CA logged the details of incoming and outgoing phone calls and the call duration, the malware identified this week records the actual phone conversations in AMR format and stores the recordings on the device’s SD card,” Brodkin reports. “The malware also “drops a ‘configuration’ file that contains key information about the remote server and the parameters,” CA security researcher Dinesh Venkatesan writes in a blog, perhaps suggesting that the recorded calls can be uploaded to a server maintained by an attacker.”

Advertisement: iPhone 4. Get it direct from Apple and ready to use. Fast, free shipping only at the Apple Online Store.

Brodkin reports, “It appears the Trojan can only be installed if the Android device owner clicks the ‘install’ button on a message that looks strikingly similar to the installation screens of legitimate applications.”

Read more in the full article here.

MacDailyNews Take: Ah, the price of a pretend iPhone that’s “open” in all the wrong ways.

[Thanks to MacDailyNews Reader “krquet” for the heads up.]

29 Comments

      1. Leaving out some information there, aren’t ya?

        A Florida couple recorded Republican leaders discussing the ethics case against Newt Gingrich. In 1996. Jim McDermott leaked the recording to two newspapers.

        Tenuous analogy is tenuous. This trojan has a lot more in common with Murdoch’s recent shennanigans than with wiretapping done by private citizens getting leaked to the press by somebody else more than a decade ago.

        I see what you’re trying to do but it’s pointless to argue about which side, Democrat or Republican, tramples all over the privacy of others. Because they both do. Their lipservice towards privacy is and always has been an exercise in pandering to the electorate and nothing else.

        E.g., remember how the Democrats were going to heavily reform or flatout repeal the PATRIOT Act over the way it sanctified violating the privacy of US citizens? Remember how once they were elected back to power based on this and other promises, they didn’t and starting defending the anti-American Bush era policies as though they themselves were Bush era Republicans?

  1. Interesting … I would pay for my iP4 to get such an app. This is desirable functionality which apple vetoes.
    So actually 1 in this case for the competition.

      1. FYI rec is on the device and no 3rd party can access it. Also it’s owner’s choice to download and enable it. Owner can use the rec, 3rd party has no access.

        Yes, I’d like to have this utility.

        1. FYI….read the entire article..The malware also “drops a ‘configuration’ file that contains key information about the remote server and the parameters,” CA security researcher Dinesh Venkatesan writes in a blog, perhaps suggesting that the recorded calls can be uploaded to a server maintained by an attacker.
          “owner’s choice” is old news in the world of malware, that is if you follow that world at all…

  2. I jailbreak my iPhone to record my business calls and gave them transcribed geesh the maker of this is a dumb ass he could have sold it to prospective buyers instead of being a silly peeping Tom or listening Tom I guess either way android sucks and I will never talk in one

    1. It looks as a good utility, actually.
      People jailbreak and pay $$ to get it.
      Alternatively you can go to 3rd party SW, pay a lot of $$ and kiss your privacy goodby because they will never delite it and anyone can subpoena it.

      In this case it’s free and owner has full control over it. I would love to get this on my iP4.

  3. Funny thing about this malware for Android. The argument’s always Macs aren’t less vunerable to attack the virus writers just can’t be bothered to worry about Mac when Windows is out there.

    Well how come then we don’t see these malware attacks happening to the iPhone instead of Android?

  4. Hmm having worked for a decade in the travel industry,would ask the caller to be on a wired line instead of a cordless phone (for the security of their credit card and personal information before they provide such to make their booking). Cellphone use was negligible risk. I pity anyone who is ignorant enough to use Android phones and not understand the dangers involved. Ignorance is not an excuse, it’s a liability.

  5. Children you do not know the half of it.

    This malware created for Android is big news for the criminal underworld. Imagine you control a drug cartel that is anxious to gather intelligence on competing syndicates to remove them from the scene. You buy and preinstall your variation of this Android malware and gift the phones to your rival drug dealers who are delighted to get the latest and greatest iPhone look alike. You could of course just snare the data and sell it to the highest bidder in the underworld. Some cartels will pay fortunes for a clear advantage over others.

    You analyze the captured voice traffic and use it to take them out, yourself.

    You can target a neighborhood by either by paying or by forcing the local independent phone shops to carry your modified Androids so you can be sure they land in the hands of the dumbest guys on the street. You will own it all in short order with the captured intelligence.

    Gift these modified Androids to political, religious, or business leaders and then blackmail from them huge payments for silence about their indiscretions.

    When you own Android users like this you own the city.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.