Android users should be wary as a new malware app has been discovered posing as a Google+ app. This app is particularly nasty, as it gathers GPS data, call logs, text messages, and even records phone calls before sending the information off to a remote server. It can also receive commands from text messages sent to the phone from the app’s shadowy puppet master. Frequent readers may feel that this sounds eerily familiar.
According to Trend Micro, the app is the third variant of the malicious ANDROIDOS_NICKISPY.A, and is being given the .C designation. Unlike previous versions, the .C app can also answer calls without the user’s knowledge. It seems that when an infected phone receives calls from specific numbers, the phone’s screen remains black, goes into silent mode, and hides the dial pad. Presumably, this is another means by which the app’s creators can communicate with infected phones.
Fortunately, the app is not available for download within the Android app store. There’s some more good news, as well: The auto-answer function only affects phones running the 2.2 version of the Android OS, and the app can be removed simply by uninstalling the app. However, the fact that the app apparently installs itself after the phone visits a malicious website is more than a little troubling. Stay vigilant, Android users.
(via TechCrunch, image via Trend Micro)
Published: Aug 15, 2011 02:30 pm