Beware, Android Trojan Can Spy on Your Phone Conversation

Android Plush Bag

Android Plush BagWith personal gadgets becoming more capable and connected than ever before, there’s reason to worry. Software and services like Prey and “Find My iPhone” can be used to remotely capture photos through a webcam, spy on a computer’s activity and track the whereabout of anyone possessing the device.

Software like this is intended to side device owners against people acting in bad faith — but the evils can also use the same capabilities on your gadgets against you.

According to CA Security Advisor Research Blog, a recently discovered Trojan on Android is capable of recording phone conversations in “.amr” format and store it in the memory card — on top of other features seen in older Android Trojans.

Once installed, the Trojan will keep a configuration file containing information about a remote server on the victim’s device, and it’s everyone’s guess whether it’d be used to upload conversations it recorded without the owner’s knowledge.

Since the Trojan can only carry out its act after the device owner grants it the required permissions, the best way to prevent the Trojan from getting on your device is to be extra careful when granting permissions to new applications.

Source: CA Security Advisor Research Blog via netbooknews.com
Photo credit: laihiuyeung ryanne

Comments

No Responses to “Beware, Android Trojan Can Spy on Your Phone Conversation”

August 05, 2011 at 10:42 pm, Azo said:

Great work u guys duin.i gues it creates mor opotunities 4 ethical hackers n other security specialists.but awarenes itself is not enuf whn wi r not technical

Reply

August 11, 2011 at 8:52 am, Mark said:

It was only a matter of time till this sort of thing happened, unfortunately it leaves five options.

1. Install such software and hope it doesn’t do evil or that someone else catches it
2. Don’t install software. Which kind of defeats the purpose but would keep you safe(not practical)
3. Learn software development for android, networking and server concepts and write your own,deploy your own servers. While this choice is not practical for most people, it does provide an option for those technically inclined to learn and prevent evil software on your phone. It may not be practical for the time spent to avoid evil software but lends itself to learning more and creativity.

Which in the end maybe the only option left to prevent bots,spying and any other form of privacy invasion( but oh wait then the kernel or uC(microcontroller) will have some sort of backdoor) . So that leaves the never ending cycle of creating you own version of everything including hardware.

4. Don’t own a smartphone, just a regular old nontexting,dumb phone( oh wait those can be listened too as well)

5. Last option digitally encoded smoke signals( oh wait my key has been compromised)

Reply

Post a Comment

Your email address will not be published.