Experts disagree on Android call recording 'Trojan'

Sources are reporting discovery of new Android app malware, but others say it is simply a legitimate app with sneaky motives

According to some headlines, the sky is falling on Android. No, I am not referring to the headlines predicting that the iPhone 5 will double Apple's smartphone market share and leave Android in its dust. I am referring to reports that a new Trojan has infiltrated the Android ecosystem. Some experts, however, suggest this may not be malware, but simply an app working as intended.

A CA blog describes Android malware capable of recording entire phone calls. It also logs call and text activity, and possibly GPS location data. It sounds insidious if you are unaware that the activity is taking place. It also sounds a lot like perfectly legitimate apps like eBlaster Mobile.

So, is this app a malicious Trojan intent on tracking your Android activity, or is it just an app that tracks Android activity?

Irfan Asrar, an analyst with Symantec Security Response, explains, "Despite the fact there have been multiple reports of the app uploading the recorded voice conversations to a remote sever, our analysis has found no such functionality. It can record calls; however, physical access to the device is required in order to retrieve them."

The behavior of the app suggests that it's not malware. It clearly states what it's going to do and requests the appropriate permissions. Once installed, the icon shows up just like any other app. If it is malware, it does a very poor job of trying to hide. It seems like an app that a suspicious spouse or lover would install -- intentionally -- on a partner's Android smartphone.

Asrar acknowledges that the app has the ability to send GPS data, and call and SMS logs to a remote server -- a server hosted by the app author. However, that data is then offered for a fee -- ostensibly to the husband, wife, or lover who installed the app.

Armando Orozco, Webroot threat research analyst, sits somewhere in between malware and legitimate app. He points out that the app uses tools available in Android -- a Java class called MediaRecorder -- and that it is far from the only app that does so. Whether it is "malware" or just an app, its behavior is essentially indistinguishable from apps designed for spying on or monitoring Android smartphone activity.

Orozco says that an app like this blends into the background and may be easily missed by the Android smartphone owner. "Easily overlooked with 50+ apps installed, I don't think many users are aware of these surveillance apps; all it takes is an untrusting partner."

David Harley, Senior Research fellow for ESET, puts the "threat" in a even more tempered perspective. "It's an interesting item: perhaps more of a proof of concept than an epidemic in its own right, but nevertheless both technically interesting and significant. I see this as an indication that the bad guys are putting real research and development resources into exploiting the Android market."

Troy Gill, a security analyst with AppRiver, sums up the Android malware issue with this thought: "This is not the first and will certainly not be the last. Malicious apps are fast becoming the easiest way to infect a mobile device and the Android market has been the platform of choice as of late."

Harley agrees, "This may or may not be the "year of mobile malware" but I think the time has long gone when the concept of smartphone malware could be dismissed as security vendor hype around a few hobbyist Trojans."

Yes, the app exists. No, the Android malware sky is not falling -- at least not yet.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags spamconsumer electronicsantispamvirusessecuritysmartphonesAndroidphishingmalware

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Tony Bradley

PC World (US online)
Show Comments

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?