August 17, 2011
Android Malware Posing as Google+ app
Do you like this story?
A new flavor of Android malware is disguising itself as a Google+ app in an attempt to capture instant messages, GPS, location, call logs, and other sensitive data.
Uncovered by the team at Trend Micro, the new malware known as ANDROIDOS_NICKISPY.C can also automatically answer and record phone calls. To capture data, the app loads at boot-up and runs certain services that can monitor messages, phone calls, and the user's location, thereby stealing e-mail and other content.
Detailing its findings in a blog Friday, Trend Micro said it discovered that the malicious app tries to trick people by installing itself under the name Google++.
But instead of providing access to Google's new social network, the app sends its stolen user data to a remote site where presumably cybercriminals can grab it. Unlike some malware in the past that masqueraded as legitimate apps through Google's Android Market, this particular one must be downloaded by an unsuspecting user from a malicious Web site and then manually installed.
And even if installed, the app can be uninstalled from an Android device by selecting Settings > Application > Manage applications, choosing Google++ and then clicking Uninstall, according to Trend Micro.
Trend Micro gives the app a low-risk rating, but it's still something that Android owners should be sure to avoid.
Android users concerned about security can learn how to better protect themselves through Trend Micro's online guide "5 Simple Steps to Secure Your Android-Based Smartphones."
Uncovered by the team at Trend Micro, the new malware known as ANDROIDOS_NICKISPY.C can also automatically answer and record phone calls. To capture data, the app loads at boot-up and runs certain services that can monitor messages, phone calls, and the user's location, thereby stealing e-mail and other content.
Detailing its findings in a blog Friday, Trend Micro said it discovered that the malicious app tries to trick people by installing itself under the name Google++.
But instead of providing access to Google's new social network, the app sends its stolen user data to a remote site where presumably cybercriminals can grab it. Unlike some malware in the past that masqueraded as legitimate apps through Google's Android Market, this particular one must be downloaded by an unsuspecting user from a malicious Web site and then manually installed.
And even if installed, the app can be uninstalled from an Android device by selecting Settings > Application > Manage applications, choosing Google++ and then clicking Uninstall, according to Trend Micro.
Trend Micro gives the app a low-risk rating, but it's still something that Android owners should be sure to avoid.
Android users concerned about security can learn how to better protect themselves through Trend Micro's online guide "5 Simple Steps to Secure Your Android-Based Smartphones."
About the Author:
Ifeanyi Emeka is the founder of this blog and also writes for Tech Forked. He is passionate about tech stuffs and loves customizing blogger themes.
Popular This Week
Android Malware Posing as Google+ app
2011-08-17T16:27:00+01:00
dfgdfg
Android|Android Malware|Malware|Virus|
Subscribe to:
Post Comments (Atom)