Android spying app masquerades as Gmail

A new piece of Android malware that has recently been unearthed by NQ Mobile researchers is capable of logging text messages and phone calls, as well as record them, and send them to a remote server controlled by attackers.

Dubbed DDSpy, the malware hides in the app list and waits for instructions that can be delivered via SMS from a remote server.

“When DDSpy receives a command, it will configure the uploading email address and determine what content to steal. Our research shows that it’s capable of uploading the user’s SMS, call log, and vocal records,” the researchers pointed out.

“In addition, it reserves a GPS-uploading interface for future development. Because of this strange activity, we are concerned that it will evolve into more malicious spyware.”

The malware initiates the recording of phone calls either when it receives the command to do it or when it detects outbound calls, and stores the recordings on the phone’s SD card. Once a day, all the recorded information is sent to the remote server.

The researchers didn’t say where they found the app or whether an attacker must have physical access to the victim’s phone to install it, but it’s safe to say that if you find a Gmail app in your device’s app list and you haven’t put it there, it’s unlikely a good thing.