New Android Trojan Records Phone Conversations
Although there's a new trojan that saves phone conversations to SD cards, why on earth would any hacker want to listen through all those files? Sheer boredom?
There's a new Android trojan in town, and it's secret weapon is the ability to record your phone conversations. At least, that's what CA Technologies' Dinesh Venkatesan claims in his latest blog.
According to the report, the malware drops a "configuration" file -- one that contains key information about the remote server and the parameters -- once it's installed on the victim’s device. It then records and stores phone conversations in AMR format on the consumer's SD card. Based on the configuration file, it's assumed that the trojan also has the ability to upload these conversations to a remote server maintained by the trojan's author.
The news is a step up from last week's report of a trojan that logged details of incoming and outgoing phone calls, and their duration. Venkatesan didn't say how he came across the new malicious package, but explains that he tested the eavesdropping malware in "a controlled environment with two mobile emulators running along with simulated Internet services." One screenshot confirms that the malware must ask permission before installing itself on the device, emulating a legitimate app.
"Making a phone call from the victim device to trigger the payload," reads one screenshot caption. "As the conversation goes on, the Trojan stores the recorded call in a directory shangzhou/callrecord in the SD Card." The file was saved as "20110731012842001.amr" and could be played back in VLC Media Player. The actual size of the audio file wasn't given.
"As it is already widely acknowledged that this year is the year of mobile malware, we advice the smartphone users to be more logical and exercise the basic security principles while surfing and installing any applications," he said.
Of course, that's easier said than done when consumers place their trust in Google and assumes that the search engine giant is on the ball by filtering out any disguised malware lurking on the Android Market. And while Android has the upper hand over Apple's iOS in terms of development freedom, installing apps from outside the Android Market / Amazon Appstore circle is certainly risky business.
So why would anyone want to record a stranger's conversation? Simple. Account passwords, social security numbers – any number of personal information that's typically exchanged verbally with bill collectors over the phone. But wading through all the other garbage – simple talk, dirty talk, business talk etc – is another story. That would take a load of patience.
- Nintendo Chief Cuts His Compensation in Half
- Report: iPhone 5 Coming October, Not September
- Mozilla Reveals Possible New Firefox UI Direction
- Windows XP Finally Falls Below 50% Market Share
- HTC Desire Finally Gets Gingerbread (Only for Experts)
- GE Still Working on Holographic Disc Storage
- The ISS Will Be "Sunk" in 2020
- South Korean Scientists Create Glowing Dog
- Nintendo Blames 3DS Price Drop on Gamecube
- Scientists Use LEDs to Create 800 Mbit/s Optical WLAN
- This Robot Mimics Human Reasoning
- The Perfect iPhone and iPad Cases for College Students
- Google Hands Out $17K For Patches In New Chrome
- John Carmack: Video Games Reduce Aggression
- iCloud Pricing Revealed Ahead of Beta Launch
- GameStop to Sell Digital Downloads in Stores
- Best Buy is Giving Away Free Nexus S Units All Day
- Camera Concept Records Footage in Both Directions
- Study Claiming IE Users Are Dumb Just A Hoax
Makes me just a little less sad that I have a BlackBerry, rather than an Android/iPhone...
Amazing. This is what serious phone users are dreaming off. An app to record phonecalls! Where is this "trojan". I've been looking for a call-recording solution on Android for ages! Never found one.
Funny that manufacturers always claim that recording calls "isn't possible due to hardware constraints" yet suddenly "there's a virus that record calls". Who's fooling who here? If this is "the Android market" then I'm glad I bought a Nokia Symbian device. This CAN record phonecalls without needing a virus :-)
jacobdrj, please do not lump Android and iPhone together. That's misleading. Android is an OS on many different kinds of phones, an iPhone is a smart phone. Different companies, different ways of handling apps.
There are 2 uses for this virus, to it's writer:
1) With solid voice recognition, you could pull a lot of important identity information from people. SS#s, credit card #s, etc...
2) In a really scary place, these recordings can be used to target certain people. Voiced can be reproduced when there is sufficient recorded voice material present (see Ebert, the movie critic).
jacobdrj, please do not lump Android and iPhone together. That's misleading. Android is an OS on many different kinds of phones, an iPhone is a smart phone. Different companies, different ways of handling apps.
And where does BlackBerry fall in your assessment?
There are still far more quality [free] apps for Android and iOS devices than there are for BlackBerrys. Hence the more secure BlackBerry OS having some value over it's major competitors, which is why I at least feel a little safer using one over an Android/iPhone...
I would still prefer and Android/iPhone (iOS device that includes access to cellular phone networks...)
I too have been looking for an app that will record phone conversations. I (heard) that none exist because it is illegal to record a conversation someone in the USA without notifying them first. Hence the "This call may be recorded for training purposes" when you call a tech center.
Or you can just do like every user that connects their devices to the internet should do. Install an anti spyware/ anti-virus application, and firewall application on their phone. I still don't see what the point of creating a virus that saves conversations to your memory card does, unless some sneaky husband/wife created this to spy on their significant other. You still need physical access to the device to recover the files.
The malware issue gets even more severe in Android. Google better have a solution to this.
Amazing. This is what serious phone users are dreaming off. An app to record phonecalls! Where is this "trojan". I've been looking for a call-recording solution on Android for ages! Never found one....
I have been using Tape-a-Talk to record phone calls on Android phones for a while now. This app can record notes, voice memos also. You could save the files in wave, pcm and 3gp format.
As soon as I'm finish recording I moved the file to a PC...just in case
See CallRecored & rVoix. You need patched kernel for them. All others use mic/speaker feedback.
Don't install everything that ends in apk and do look at the permissions required before pressing accept (these are not phones anymore but PCs with phone call functionality, please be aware of that -> If you don;t like it buy a dumb phone e.g. somewhere in the area of a Nokia 1100).
I too have been looking for an app that will record phone conversations. I (heard) that none exist because it is illegal to record a conversation someone in the USA without notifying them first. Hence the "This call may be recorded for training purposes" when you call a tech center.
Not throughout the entire country, varies state to state. Businesses do it in every state to CYA. Some states you have to tell the person you are recording; and in other states only one person in the conversation (ie you) has to know its being recorded.
come on seriously it's not that hard for this thing to evolve, considering the phone number for lets say Bank of America is universal, or maybe NewEgg.com you sure as heck arent going be calling those numbers just to gossip, a smart variation of this will only trigger a recording if a known prime number has been dialed, there's enough information in a phone call to Bank of America to comprise nearly any account you may have any where else, if that doesn't worry you then enjoy your cave....
Am pretty sure that thing is coded by Steve himself!
jacobdrj, please do not lump Android and iPhone together. That's misleading. Android is an OS on many different kinds of phones, an iPhone is a smart phone. Different companies, different ways of handling apps.
Someone is kissing apple butt....