A malware targeting Android devices is reportedly capable of recording users’ phone conversations without consent. Android is Google’s mobile operating system recently hammered with lots of malware and Trojans in the past.
While Apple’s iOS, Microsoft’s Windows Phone 7 and Symbian are generally free from viruses, Android in which users can install 3rd party apps that are not moderated has been considered as an unsafe platform.
Today, a new malware has been discovered by CA Technologies (an IT management and solutions company) which records phone calls and can then upload these calls to an online server.
Every time a user places a phone call, the Trojan records the conversation and saves it to an AMR file on the phone’s SD card. Researchers suspect the remote server files enable the malware to upload the AMR files to be accessed by the attackers.
In the SD card, the audio file is saved in a directory called “shangzhou/callrecord”. This Trojan is more advanced as it records the conversation itself in “amr” format. Also it has got many other malicious activities targeted for Android platform.
From the blog post by Dinesh Venkatesan from CA Technologies –
We have been recently blogging about many Android malware as the threat landscape has been witnessing an increasing trend in targeting the mobile platforms and today we have received an Android package to our collection and observed that this piece of malware walks an additional mile by having a neat configuration and has a capability to record the telephonic conversation the infected victim makes.
Dinesh demonstrated in this blog post how this malware exactly gains users’ phone calls.
On the other hand, Apple’s iOS which is a closed platform is absolutely free from malware and Trojans at the moment. Apple maintains a high level of security on its apps.