Security researchers from NetQin Mobile discovered two new Android spyware programs called SW.SecurePhone and SW.Qieting. Similar to previous Android security threats, these two malicious programs are distributed through third-party application marketplaces and online forums. Please note that these applications are not found in the official Android Market.
SW.SecurePhone is found primarily in the US and collects phone activity including messages, call log, phone location data, recorded sounds and pictures. This data is uploaded to a remote server every 20 minutes. The Qieting variant has been found both in and outside the United States and automatically forwards all messages sent to the phone. Both pieces of Android malware pose a huge threat to privacy.
The two pieces of malware were discovered by mobile security firm NetQin. NetQin was the first company to discover the Hong TouTou trojan which surface last week. Similar to SecurePhone and Qieting threats noted above, Hong TouTou was found within apps distributed on third-party marketplaces. Though this security threat was mostly confined to app marketplaces and forums within China. The malware was found in RoboDefense (not the Android Market version, but a pirated version) and several wallpaper applications.
These recent reported threats are not the first to hit the Android platform. The Geinimi Trojan made headlines late last year. Discovered by U.S. Security firm Lookout, Geinimi’s main purpose was to analyze the user’s private information using key words, collect private information from the phone, and send it to a remote server.