Android Trojan Records Phone Calls

jbrodkin writes "A new Android Trojan is capable of recording phone conversations, according to a CA security researcher. While a previous Trojan found by CA logged the details of incoming and outgoing phone calls and the call duration, new malware identified this week records the actual phone conversations in AMR format and stores the recordings on the device's SD card. The malware also 'drops a 'configuration' file that contains key information about the remote server and the parameters,' CA security researcher Dinesh Venkatesan writes, perhaps suggesting that the recorded calls can be uploaded to a server maintained by an attacker. Installation of the Trojan requires some user interaction, but the malware recreates the look and feel of the standard Android application installation process, and may fool some unsuspecting users."

Re:Recording should be a basic function... ?

[s0litaire]

no need for trojans

check android market for the developer "skvalex" and check the link in his "CallRecorder" app..
it's been around for nearly a year!!

The above article is nothing but FUD

[dizzysoul]

Android has strict permissions enforcement for every application. It's even built into the marketplace! You cannot install an application without first being told WHAT the application wants access to. If the application wants to record your phone calls, the installer will specifically tell you the application is requesting access to your microphone. The installer forces you to scroll down to hit next, and there is literally NO WAY you can miss reading it. If you install applications from an untrusted source, Android will specifically WARN YOU that you could be installing something dangerous. The above article is nothing but FUD. If you read the source article, it says you have to install from an untrusted source, go through the warnings, and still go through the installation process.