YAAV (Yet Another Android Virus)

« Happy 30th Birthday MS-DOS | Main | Windows XP: Still a Force to be Reckoned With »


YAAV (Yet Another Android Virus)

Kevin R. Smith

If anyone is under the impression that phones (or Macs for that matter) are immune from viruses, worms, trojans, and other malware, let's get one thing straight: you're wrong.

CA Security Researcher Dinesh Venkatesan spotted a new Android Trojan and gives the lowdown on how it works.

In this particular case, according to a NetworkWorld.com summary of this same Android Trojan it,
...records the actual phone conversations in AMR format and stores the recordings on the device's SD card.

"The malware also 'drops a `configuration` file that contains key information about the remote server and the parameters....
OK, so it records the phone call. Big deal.

Oh, really.

There are a couple of outcomes to this, not the least of which is your phone's storage getting mysteriously chewed up.

Among other things, we have to look at these early cell phone malware and think of them as a new, budding, nascent industry, just like malware was in the '90s.

The bad guys are just starting to explore how to get into phones and what to do when they're there.

Recording calls is, if nothing else, research for them.

Just what do people talk about on their phones? And what can they learn listening to even a few dozen calls?

Is it possible to get usage patterns so stealing more valuable data could be possible?

What about stealing people's credit card numbers (oops, that has already shown up in Android malware) or breaking into their brokerage accounts, (oops, that has, too.)

The point being, it's a nacent industry, and if there's one thing the malware writers have shown it's creativity.

Once they really begin to understand what's there, they'll figure out a way to make money from it. Big money.

And, as for the built-in safeguards from Android like those shown here in this screencap from the CA Dinesh Venkatesan blog, yes, they're there, but there are a couple of important points about these warnings.

Screenshot of Android Trojan: [Credit Dinesh Venkatesan, CA Security]

Just because they're there doesn't mean:
  1. They're being heeded.
  2. They're not accidentally authorized.
  3. They're not going to be complete circumvented tomorrow.
The bottom line: android malware is here, it's real, it's no good, and it's only going to get worse.

And, yes, we're keeping a close eye on things. You can count on us to have some reviews soon.

We've seen some early previews of the new VIPRE Mobile, it looks great, and we'll be putting it--and other Android antivirus software--through the paces shortly.

In the mean time, if you're interested you can get your paws on the beta of VIPRE Android Antivirus now.


You can follow this conversation by subscribing to the comment feed for this post.

Can someone really get usage patterns so stealing more priceless data may be possible?

The comments to this entry are closed.