Wednesday, August 3, 2011

What could possibly go wrong?

The Android App store is a lot like the Wild West.  Unlike Apple's iTunes App Store, there doesn't seem to be much (any?) checking done by Google to make sure that malware doesn't get distributed that way.  And so this was pretty much inevitable:

A new Android Trojan is capable of recording phone conversations, according to a CA security researcher.
While a previous Trojan found by CA logged the details of incoming and outgoing phone calls and the call duration, the malware identified this week records the actual phone conversations in AMR format and stores the recordings on the device's SD card.

The malware also "drops a 'configuration' file that contains key information about the remote server and the parameters," CA security researcher Dinesh Venkatesan writes in a blog, perhaps suggesting that the recorded calls can be uploaded to a server maintained by an attacker.

Pretty neat trick, that.  Combine it with a "Spear Phishing" attack to lure the CEO into installing it, and you have a sweet way to gather all sorts of information.

Remember Borepatch's First Law of Security: "Free download" is Internet-speak for "open your mouth and close your eyes".

1 comment:

Old NFO said...

Yep, and the idjits download that stuff EVERY day... Just like the idjits that download crap from the net onto their work computers...