The Android Trojan records your conversations

SECURITY COMPANY CA TECHNOLOGIES has announced that a new Trojan has appeared for Android phones and tablets that can record phone conversations.

While the previous Trojan, which was discovered by this company, collected information on incoming and outgoing calls and their duration, this new malicious program, discovered this week, records phone conversations in .amr format and saves recordings on the device's SD card.

The program also stores a "configuration" file that contains key information about the remote server and parameters, said Dinesh Venkatesan, of CA Technologies, who probably wants to say that recorded conversations are sent to a server managed by the attacker.

Venkatesan tested the Trojan in "controlled conditions with two mobile phone emulators and a simulated internet connection" and posted screenshots of the results. It seems that the Trojan can only be installed if the owner of the Android device presses the install button in a message that looks like the installation screens of legitimate applications.

Once the malware and the configuration file for the remote server reach the Android device, every call the user receives or makes is recorded and stored on the SD card.

"Since this is the year of malware for mobile devices, we advise smartphone users to think logically and follow basic security principles while using the Internet and installing any application," Venkatesan said.

Android offers more flexibility because it allows the installation of third-party applications, including those that are not approved in the Android Market application store, but this freedom carries with it a certain risk. Malware-infected applications have also been found in the Android Market itself, although users can protect themselves by installing antivirus software, as they do with personal computers.

Text is taken from the site mikro.rs