A new Android trojan has surfaced that could record your telephone conversations. There has already been trojans that log the details of incoming/outgoing calls in a text file, but this is by far more advanced. It records the calls in “amr” format and saves it to the victim’s SD card.
Once installed, the infected application inserts a configuration file onto the device that specifies “remote server and parameters.” It’s automatically activated each time the vitcim makes an outgoing phone call.
The good news is that this can be avoided because you have to approve the installation of the app. You need to be looking for permissions like “record audio” and “intercept outgoing call” every time you install an app. We cannot take app permissions for granted.
I would say the majority of people are just saying yes to everything, but I want to remind our readers to read all permissions, and if something doesn’t jive, email the developer. If the developer can’t give you a decent explanation, then the app is not worthy. There are over 250,000 apps out there to choose from.
[via ca community]