Android malware answers calls, eavesdrops on users

Android users are two-and-a-half times as likely to encounter malware today as they were just six months ago, say the recently revealed results of an extensive analysis by Lookout.

And I can well believe it, since not a week goes by without us being faced with a new piece of malware with new and improved capabilities.

Half a month ago, researchers discovered an Android app that records phone calls and sends out various device information and logs.

Now, Trend Micro warns of a new one that does the same thing, but can also automatically answer phone calls and hide that fact from the user by setting the device on silent mode prior to the call and hiding the dial pad/making the screen go blank.

As this behavior is triggered only when the call comes from a phone number defined in the configuration file, the researcher believes that the malware is also intended to be used for eavesdropping on users’ conversations that do not unfold over the phone.

This “auto-answering” capability is only present on devices running Android version 2.2 or earlier, since the permissions needed for the function to work were disabled in later versions.

Apart from that, the malicious app also collects text messages, call logs, and the phone’s GPS location, and uploads them to a pre-defined URL.

To do all that, the app takes advantage of a number of services. But, to hide that fact and its presence on the device, the services are “equipped” with the Google+ icon and the app itself misappropriates and slightly modifies the social network’s name – it’s called “Google++”.
