An Android app Trojan found in Chinese app stores is getting all sorts of press this week. The application is said to have the capability to record and store phone conversations entirely without the phone owner’s knowledge. The data is sent to a remote server where a third party can access it at a fee.
But is this really a Trojan? One must intentionally install the device, the permissions must be accepted, and according to eWeek, after it’s installed “the owner can easily tell by looking at the screen that the call is being recorded.” It sounds more like a case of a suspicious spouse to us. In that case, we recommend the owner install Loky PLUS stat. (Keep your private life private with Loky PLUS.)
Whether or not this particular app is malicious, Android owners should take extra care to protect their devices from malware. You can’t get to 48% market share without attracting a few crackers. Quite surprisingly though, when it comes to device security, Android owners are not very good at protecting themselves. From MoBlog:
A Retrevo survey found four in 10 (39%) of Android users haven’t done anything to prevent someone from misusing data on their cell phone if it were lost or stolen. That compares to 30% of BlackBerry owners and 26% of iPhone owners. Further, only 32% of Android owners think their cell phones can get malware, while 27% aren’t sure.
Practice Safe Downloading
Unlike Apple and Blackberry devices, owners of Android devices have more power when deciding what goes on their phone. So, how can your protect your device from malicious apps? One thing to note is that in order to install any Android app, malicious or not, you must accept the app’s permissions. Pay attention to what the app is asking access to and ask questions if you have them. For example, a wallpaper application should not need access to your contact list.
App Download Best Practices
Below is a list we complied back in December 2009 of precautions you should take before downloading anything (mobile or web). Please take the time to review it as it can be the difference between a working Android and a cracked one.
- Put on your sleuth cap. Research the developer of the application before downloading. Applications in the MiKandi marketplace are not created by MiKandi.Developers use our marketplace to connect with you, the end user. So before you hop into bed with an app, get some details on the Developer. A Developer’s contact information can be found in the app description. If it’s not, just give us a shout at firstname.lastname@example.org and we’ll send you the info.
- Be cautious who you share your location with. Some apps allow you to share your location with the Developer, friends, or public at large. Refer to Guideline #2 and find out why the app you want needs that information. There are many fun apps out there that require access to your location.
- Listen to the tribe. MiKandi’s review process is driven by the community, as opposed to imposing our own review process. We leave the feedback to our community of users. Take note of what other end-users are saying about the app you want.
- Report abuse. Obviously, illegal content is NOT tolerated on MiKandi. If you discover an app with illegal content, please report the app in question at email@example.com
- NEW- Install a mobile security app. Lookout provides trusted protection against phishing, malware, and spyware. You can download the app free on MyLookOut.com or in the Android Market.
Developers are more than happy to answer any questions you may have regarding their application.