Browse archive

Latest news

Targeted data stealing attacks using fake attachments

A look into the EC Council hack

New Mac spyware signed with legitimate Apple Developer ID

Ransomware adds password stealing to its arsenal

"Get free followers" scam targets Instagram users

Thoughts on the need for anonymity

Four LulzSec hackers handed prison sentences

The New Yorker launches anonymous dead-drop tool

Researchers reveal OpUSA attackers' MO

Info-stealing Dorkbot worm spreading on Facebook

Review: The Hacker's Guide to OS X

Private messages of Bloomberg clients end up online

IT security jobs: What's in demand and how to meet it

Hacking charge stations for electric cars

Android spying app masquerades as Gmail

Posted on 07.06.2012

A new piece of Android malware that has recently been unearthed by NQ Mobile researchers is capable of logging text messages and phone calls, as well as record them, and send them to a remote server controlled by attackers.

Dubbed DDSpy, the malware hides in the app list and waits for instructions that can be delivered via SMS from a remote server.

"When DDSpy receives a command, it will configure the uploading email address and determine what content to steal. Our research shows that it’s capable of uploading the user’s SMS, call log, and vocal records," the researchers pointed out.

"In addition, it reserves a GPS-uploading interface for future development. Because of this strange activity, we are concerned that it will evolve into more malicious spyware."

The malware initiates the recording of phone calls either when it receives the command to do it or when it detects outbound calls, and stores the recordings on the phone's SD card. Once a day, all the recorded information is sent to the remote server.

The researchers didn't say where they found the app or whether an attacker must have physical access to the victim's phone to install it, but it's safe to say that if you find a Gmail app in your device's app list and you haven't put it there, it's unlikely a good thing.