Mobile security researchers from NQ Mobile have intercepted a fake Gmail Android application dubbed DDSpy.
The SMS based command and control feature of DDSpy is capable of
uploading SMS messages, call logs, and vocal records to a remote server.
The malware authors behind the fake Gmail Android application have
included a hard-coded email address which can be easily changed using
SMS messages. Moreover, the malicious application automatically starts
recording outbound calls, or when instructed to do so over SMS.
According to NQ Mobile’s researchers, they expect that the new
features will be introduced in this malicious applications, due to the
spotted unused interfaces using GPS technology which they found while
analyzing the malicious application.
No comments:
Post a Comment