Print 10 comment(s) - last by Darksurf.. on Jun 11 at 10:25 AM


Users will not see an icon for DDSpy -- it simply hides in the Android-powered device's application list and runs silently

New malicious software has been detected on Android devices where a user's personal information is stolen by a fake Gmail program.

The malware, called DDSpy, acts like a Gmail service in Android gadgets. However, users will not see an icon for DDSpy -- it works by hiding in the app list and waiting for commands from a remote server via SMS. These commands include "BOOT_COMPLETED," "SMS_RECEIVED," and "PHONE_STATE."

Once DDSpy is given these commands, the malware can begin uploading the Android user's SMS records, call log and vocal records. DDSpy is capable of configuring the uploading email address on the device and figuring out what content to steal. It also records calls when it detects outbound calls and when it's configured by SMS. From there, the recorded files are stored in SDCard/DCIM/.thumbnails/directory.

DDSpy has a default uploading mode coded into it where it sends its collected information to an email address at a certain time each day.

NQ Mobile's Security Research Center, which discovered DDSpy as a threat, is particularly worried about this malware because it uses a GPS-uploading interface "for future development," meaning it could turn into a more malicious version at some point.

NQ Mobile Security offered a few tips as to how to avoid getting DDSpy, such as only downloading apps from trusted sources, never accepting apps from unknown sources and keeping an eye on odd behavior.

Source: NQ Mobile Security

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

By vol7ron on 6/8/2012 9:42:50 AM , Rating: 2
Interesting. My phone logs are essentially: voicemail. I wonder if it steals text logs.

RE: Hmm
By vol7ron on 6/8/2012 9:43:49 AM , Rating: 2
SMS records , call log and vocal records.

Apparently so.

...and how do you get it?
By Kepler on 6/9/2012 11:18:43 AM , Rating: 2
Is this something that a user has to install on their own? Side-loaded? On the Play Store? Is it something auto-loaded by browsing a website?

Total lack of any useful info.

RE: ...and how do you get it?
By sprockkets on 6/11/2012 12:07:58 AM , Rating: 2
Apparently you side load it. The source article mentioned nothing of it being on the play store.


but but but
By hexxthalion on 6/8/12, Rating: 0
RE: but but but
By TakinYourPoints on 6/8/2012 7:41:22 PM , Rating: 3
Can you imagine how massive this thread would be if it applied to iOS? Android and bad security are to be expected, but the massive bias here leads to silence.

ios ftw
By anandtech02148 on 6/8/2012 6:58:54 PM , Rating: 2
sloppy OS build on Java.

Who would want such a thing
By faster on 6/9/2012 10:12:38 AM , Rating: 2
The ability to record conversations and upload them? Really? Does this sound like State sponsored malware to anyone else?

This is silly.
By Darksurf on 6/11/2012 10:25:13 AM , Rating: 2
The user basically has to install this themselves. This is typically like any linux software. You have to be dumb enough to install it and give it rights. This doesn't come through Gmail updates, or automagically install. A poor attempt at making viruses.

By JackBurton on 6/8/2012 2:14:05 PM , Rating: 1

"If you can find a PS3 anywhere in North America that's been on shelves for more than five minutes, I'll give you 1,200 bucks for it." -- SCEA President Jack Tretton

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki