The malware is launched after a user tries to place a call. The conversation is stored in the .amr file format, research at CA say.
A new Android Trojan has been discovered that records your phone conversations, according to IT service provider CA Technologies.
According to CA security researcher Dinesh Venkatesan, the malware only runs after users unwittingly install it onto their Android-based devices. To coax users into doing so, the Trojan mimics a standard installation screen for legitimate applications. If users click "install," a configuration file is added to the handset with "key information about the remote server and the parameters," suggesting that the calls can be accessed over the Web by the malware's creator.
Once a user places a call, the malware kicks into action, recording the conversation onto the device's installed SD card in a directory called "shangzhou/callrecord." CA Technologies said that the malware saves the conversation as an ARM file.
• Malicious apps removed from Android Market
• More malware targeting Android
• 12 tips for mastering Android
• Symantec: Malware masquerading as Android apps
This latest discovery joins a growing number of threats Android users face. Last month, security researchers detailed newly discovered malware, including a variant of the DroidDream Trojan that plagued applications Google removed from its Android Market earlier this year. The researchers also found a Trojan designed to steal bank passcodes sent over SMS. According to the security firms, the malware can operate on its own, meaning users don't need to launch the app for it to infect a device.
"It is already widely acknowledged that this year is the year of mobile malware," Venkatesan said in a blog post discussing the latest malware discovery. "We advise the smartphone users to be more logical and exercise the basic security principles while surfing and installing any applications."
So, what are those principles? For one, users should only install applications from trusted sources. Users should also examine permissions, to ensure they match up with the respective application's core features. And perhaps most importantly, users should run antivirus software on their handsets to safeguard themselves from some threats.