New Android malware disguises itself as Google+

Posted on Aug 17 2011 - 11:45pm by Robert

As Google’s Android becomes more and more popular, it also becomes the target of more malware, trojan, and spyware attacks. Trend Micro Labs has reported a new malware that disguises itself as a Google+ app that is capable of answering all incoming calls automatically.

The malware, which is only identified as ANDROIDOS_NICKISPY.C, has no confirmed origin. Trend Micro detailed its findings in a blog post, where it says that the malicious application, called “Google++,” trick users by disguising itself as a real Google+ app.

For quite some time now, The Android operating system has been suffering from malware and trojan attacks. Apparently, being open source is showing its cons.

The ANDROIDOS_NICKISPY.C automatically answers and records phone calls. To capture the data, the application loads and runs a number of services that monitors phone calls, messages and the user’s location. Instead of accessing Google’s social networking site, the app sends the stolen data to a remote site using port 2018. These stolen information may be used by cybercriminals for malicious activities.

Unlike some previously discovered malware that act like legitimate apps from the Android Market, the Google++ app can be downloaded by unsuspecting users from untrusted websites, unaccredited sources and cracked apps, and then manually installed.

The auto-answer function can only work on phones that run the Android 2.2 version, and according to Trend Micro, the app can be uninstalled by selecting Settings -> Application -> Manage applications, then choose Google++ then click Uninstall. Now that Android malware are increasing in numbers, it is best to stay vigilant.


via: Tech Crunch

Leave A Response