Android Malware “DDSpy” Pretends to be Gmail, Steals Phone Logs

New malicious software has been detected on Android devices where a user’s personal information is stolen by a fake Gmail program.

The malware, called DDSpy, acts like a Gmail service in Android gadgets. However, users will not see an icon for DDSpy — it works by hiding in the app list and waiting for commands from a remote server via SMS. These commands include “BOOT_COMPLETED,” “SMS_RECEIVED,” and “PHONE_STATE.”

Once DDSpy is given these commands, the malware can begin uploading the Android user’s SMS records, call log and vocal records. DDSpy is capable of configuring the uploading email address on the device and figuring out what content to steal. It also records calls when it detects outbound calls and when it’s configured by SMS. From there, the recorded files are stored in SDCard/DCIM/.thumbnails/directory.

DDSpy has a default uploading mode coded into it where it sends its collected information to an email address at a certain time each day.

NQ Mobile’s Security Research Center, which discovered DDSpy as a threat, is particularly worried about this malware because it uses a GPS-uploading interface “for future development,” meaning it could turn into a more malicious version at some point.

NQ Mobile Security offered a few tips as to how to avoid getting DDSpy, such as only downloading apps from trusted sources, never accepting apps from unknown sources and keeping an eye on odd behavior.

Recent Posts

AMD Dual-Core Optimization Utility Available

AMD Dual-Core Optimization Utility Available

Improving dual-core compatibility for gaming

5.7″ ZTE ZMAX “Phablet” Coming to T-Mobile Sept 24 for $252

ZMAX will come with a Snapdragon 400 processor and 720p display

100 Northern California Households to Receive Plug-in Priuses

UC Davis dares to go where Toyota won't with the Prius

Apple on Microsoft Ads: PCs Are “No Bargain”, Macs Are “Cool”

An Apple spokesperson fires back over Microsoft's latest commercials

Update: 13.3″ Dell XPS m1330 Notebook Details Leaked

Engadget gets the scoop on Dell's latest "ultra-portable" notebook