Spying Android Malware Hides as Google+ App
|Image composite by SecurityNewsDaily|
A nasty Android Trojan capable of stealing text messages and eavesdropping on conversations has, like all movie monsters worth their weight, morphed into an even more dangerous opponent.
On Aug. 2, the security firm CA Technologies detected a piece of Android malware that hid in corrupt apps and recorded and stored users' conversations on the targeted devices, which could then be uploaded to remote servers.
Today, the security vendor Trend Micro reported finding an updated variant of that Android Trojan with the same code structure, except that the new virus, called "Androidos_Nickispy.C," can intercept text messages, call logs and GPS locations from infected phones, and even answer incoming calls from other corrupted phones.
"Before answering the call, it puts the phone on silent mode to prevent the affected user from hearing it. It also hides the dial pad and sets the current screen to display the home page. During testing, after the malware answered the phone, the screen went blank," Trend Micro wrote on its blog.
The auto-answering feature only targets Android's running version 2.2, not the new version 2.3; to update your operating system, go to the "Settings" tab under "Menu."
(There's debate in the security community over whether the original Nickispy was malware or just an unethical app. From the way it was being marketed in Chinese-language app stores, it seemed that it was aimed at people worried their husbands or wives were having affairs.)
Even more disconcerting, the new Androidos_Nickispy masks itself as a legitimate app from Google+, Google's new social networking venture. The app is suspicious in that it shows up on phones as Google++, but, considering there are millions of fans of both Android and Google+, it's very possible the extra plus sign isn't enough to keep Android users out of trouble.
Thankfully, anti-virus companies have recently turned their attention to the smartphone market; last week, security giant Symantec released Norton Mobile Security Lite , a free Androd anti-virus app. The Android app market also features several free anti-virus apps from Lookout Mobile, AVG and others.