People should always be wary of installing any new software, even if its for your mobile phone. Google's Android Market has been proven to be highly susceptible to have software available that, if not caught quickly by Google, can turn out to be malware. Last May, 26 Android based malware programs were removed by Google; even more malicious files were found and deleted in June and yet again in July.
This week yet another new Trojan file has been discovered by CA Security and this is an especially nasty one. According to the company's blog site, this malware, which is named "Android System Message" actually records the phone user's audio conversations and stores them in the "amr" format. According to the blog, "Once the malware is installed in the victim device, it drops a 'configuration' file that contains key information about the remote server and the parameters." It adds, "As the conversation goes on, the Trojan stores the recorded call in a directory shangzhou/callrecord in the SDCard." Ars Technica adds that the malware is suppose to send that recorded conversation to a remote server. However, whomever created the code wrote it with a typo that disables this feature.
Ars Technica adds that the malware has yet to appear out in the general Android download community, saying it popped up on a shady "malware collection channel." Even if this malware doesn't find its way into the Android masses, people who download any Android apps should always be aware of what they are installing on to their device.
Image via CA Security