New Android Malware Disguises Itself As Google+, Records Phone Calls, Call Logs And Text Messages

Android users will have to deal with yet another blow, again, and this time its in the form of a new malware which disguises itself rather mischievously.

Android MalwareThis new Android malware disguises itself as the Google+ app, using the same icon and being listed under the name of Google++. This piece of malware is in fact a variant of ANDROIDOS_NICKISPY.A, a serious Android spyware that can eavesdrop on unsuspecting users.

TrendLabs, which was responsible for identifying this malware, claims that this form of malware is capable of recording all kinds of sensitive information, ranging from full-fledged audio calls to text messages and call logs. If that wasn’t enough, the tracked data is then sent off to a remote server, all in the background:

ANDROIDOS_NICKISPY.C is capable of collecting data such as text messages, call logs, and GPS location from infected devices, which it then uploads to a certain URL through port 2018.

Like other ANDROIDOS_NICKISPY variants, ANDROIDOS_NICKISPY.C also has the capability to record phone calls made from infected devices.

More than just recording calls voluntarily carried out by users, this new form of malware also has the ability to automatically answer incoming calls in the background, which is rather scary. Calls are answered without the user’s consent: in fact, this malware puts the phone in silent mode and displays the standard home screen. Are you creeped out yet?

Like other ANDROIDOS_NICKISPY variants, ANDROIDOS_NICKISPY.C also has the capability to record phone calls made from infected devices. What makes this particular variant different is that it has the capability to automatically answer incoming calls.

The good news is the fact that this piece of malware isn’t widespread yet, since it hasn’t made its way onto the Android Market. Instead, it automatically installs itself on the system through a maliciously-crafted website, which is slightly better but should definitely not be settling.

If you suspect you’re infected with this malware, be sure to remove it immediately by uninstalling Google++, much like you’d uninstall any other Android app. This will remove all the malicious services and leave your phone completely clean. In order to protect yourself, make sure not to click any link on the web unless you know its origins. You may also want to consider a free security solution such as Lookout Mobile Security, especially if you’re not a savvy user.

nickispyc2

(via TechCrunch, Malware Blog)

You can follow us on Twitter or join our Facebook fanpage to keep yourself updated on all the latest Microsoft, Google and Apple.