backtop


Print 10 comment(s) - last by Darksurf.. on Jun 11 at 10:25 AM


  (Source: research.nq.com)

  (Source: research.nq.com)
Users will not see an icon for DDSpy -- it simply hides in the Android-powered device's application list and runs silently

New malicious software has been detected on Android devices where a user's personal information is stolen by a fake Gmail program.

The malware, called DDSpy, acts like a Gmail service in Android gadgets. However, users will not see an icon for DDSpy -- it works by hiding in the app list and waiting for commands from a remote server via SMS. These commands include "BOOT_COMPLETED," "SMS_RECEIVED," and "PHONE_STATE."

Once DDSpy is given these commands, the malware can begin uploading the Android user's SMS records, call log and vocal records. DDSpy is capable of configuring the uploading email address on the device and figuring out what content to steal. It also records calls when it detects outbound calls and when it's configured by SMS. From there, the recorded files are stored in SDCard/DCIM/.thumbnails/directory.

DDSpy has a default uploading mode coded into it where it sends its collected information to an email address at a certain time each day.

NQ Mobile's Security Research Center, which discovered DDSpy as a threat, is particularly worried about this malware because it uses a GPS-uploading interface "for future development," meaning it could turn into a more malicious version at some point.

NQ Mobile Security offered a few tips as to how to avoid getting DDSpy, such as only downloading apps from trusted sources, never accepting apps from unknown sources and keeping an eye on odd behavior.

Source: NQ Mobile Security



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Hmm
By vol7ron on 6/8/2012 9:43:49 AM , Rating: 2
quote:
SMS records , call log and vocal records.

Apparently so.


"Spreading the rumors, it's very easy because the people who write about Apple want that story, and you can claim its credible because you spoke to someone at Apple." -- Investment guru Jim Cramer














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki