We have received a new Android malware from the Anrdoid market whose icon is like a Google+ app.
This app is particularly dangerous as it gathers GPS data, call logs, text messages and even records phone calls before sending the information off to a remote server.
After installation it asks for the following permissions:
It may then start any of the following services:
It is also capable of receiving commands via text messages, but it requires the sender to use the pre-defined “Controller” number.
It also has the capability to automatically answer incoming calls.
Before answering the call, it puts the phone on silent mode to prevent the affected user from hearing it. It also hides the dial pad and sets the current screen to display the home page.
As mentioned previously, the best defense against such malware is to pay attention to the permissions the application is asking for.
Also we have recently released Quick Heal Mobile Security for Android which detects this malware as Android.Nickispy.C..
For more information please visit Quick Heal Mobile security.
Thank you Sandeep for the analysis.