Experts disagree on Android call recording 'Trojan'

Sources are reporting discovery of new Android app malware, but others say it is simply a legitimate app with sneaky motives

According to some headlines, the sky is falling on Android. No, I am not referring to the headlines predicting that the iPhone 5 will double Apple's smartphone market share and leave Android in its dust. I am referring to reports that a new Trojan has infiltrated the Android ecosystem. Some experts, however, suggest this may not be malware, but simply an app working as intended.

A CA blog describes Android malware capable of recording entire phone calls. It also logs call and text activity, and possibly GPS location data. It sounds insidious if you are unaware that the activity is taking place. It also sounds a lot like perfectly legitimate apps like eBlaster Mobile.

So, is this app a malicious Trojan intent on tracking your Android activity, or is it just an app that tracks Android activity?

Irfan Asrar, an analyst with Symantec Security Response, explains, "Despite the fact there have been multiple reports of the app uploading the recorded voice conversations to a remote sever, our analysis has found no such functionality. It can record calls; however, physical access to the device is required in order to retrieve them."

The behavior of the app suggests that it's not malware. It clearly states what it's going to do and requests the appropriate permissions. Once installed, the icon shows up just like any other app. If it is malware, it does a very poor job of trying to hide. It seems like an app that a suspicious spouse or lover would install -- intentionally -- on a partner's Android smartphone.

Asrar acknowledges that the app has the ability to send GPS data, and call and SMS logs to a remote server -- a server hosted by the app author. However, that data is then offered for a fee -- ostensibly to the husband, wife, or lover who installed the app.

Armando Orozco, Webroot threat research analyst, sits somewhere in between malware and legitimate app. He points out that the app uses tools available in Android -- a Java class called MediaRecorder -- and that it is far from the only app that does so. Whether it is "malware" or just an app, its behavior is essentially indistinguishable from apps designed for spying on or monitoring Android smartphone activity.

Orozco says that an app like this blends into the background and may be easily missed by the Android smartphone owner. "Easily overlooked with 50+ apps installed, I don't think many users are aware of these surveillance apps; all it takes is an untrusting partner."

David Harley, Senior Research fellow for ESET, puts the "threat" in a even more tempered perspective. "It's an interesting item: perhaps more of a proof of concept than an epidemic in its own right, but nevertheless both technically interesting and significant. I see this as an indication that the bad guys are putting real research and development resources into exploiting the Android market."

Troy Gill, a security analyst with AppRiver, sums up the Android malware issue with this thought: "This is not the first and will certainly not be the last. Malicious apps are fast becoming the easiest way to infect a mobile device and the Android market has been the platform of choice as of late."

Harley agrees, "This may or may not be the "year of mobile malware" but I think the time has long gone when the concept of smartphone malware could be dismissed as security vendor hype around a few hobbyist Trojans."

Yes, the app exists. No, the Android malware sky is not falling -- at least not yet.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags securitysmartphonesmalwareAndroidphishingspamvirusesconsumer electronicsantispam

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Tony Bradley

PC World (US online)
Show Comments



Sansai 6-Outlet Power Board + 4-Port USB Charging Station

Learn more >



Back To Business Guide

Click for more ›

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?