MUST READ: Congress demands answers from Google over Glass privacy concerns

Topic: Apps

Fake Gmail Android application steals personal data

Summary: Mobile security researchers from NQ Mobile have intercepted a fake Gmail Android application dubbed DDSpy.

Dancho Danchev

By for Zero Day |

Mobile security researchers from NQ Mobile have intercepted a fake Gmail Android application dubbed DDSpy.

The SMS based command and control feature of DDSpy is capable of uploading SMS messages, call logs, and vocal records to a remote server. The malware authors behind the fake Gmail Android application have included a hard-coded email address which can be easily changed using SMS messages. Moreover, the malicious application automatically starts recording outbound calls, or when instructed to do so over SMS.

According to NQ Mobile's researchers, they expect that the new features will be introduced in this malicious applications, due to the spotted unused interfaces using GPS technology which they found while analyzing the malicious application.

Find out more about Dancho Danchev at his LinkedIn profile, or follow him on Twitter.

Topic: Apps

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

17 comments
Log in or register to join the discussion

  • So, it's not in Google Play?

    If so, No need to worry. I hate all this fear mongering. If you really download a GMail app from a chinese site... well what do you expect.

    Also, who really downloads a GMail app? it comes pre-installed and automatically updated.

    Please stop the fear mongering security companies. thanks.
    tatiGmail
    Reply Vote

    • So fat people get heart attacks?

      Then who cares? they did it to themselves for eating too many bratwursts and not enough salads.

      And, cancer victims clearly had it coming to.

      Now that you mentioned it, people living in a war zone should have no complaints either. They [b]chose[/b] to live there while a war was going on.
      Your Non Advocate
      Reply 1 Vote

      • Is someone having a bad day?

        Not only are your examples WAY over the top, but he never said these folks deserve what they get - only that it shouldn't be a surprise. Maybe a cup or two less coffee is in order tomorrow! :)
        Heck if I Know
        Reply Vote

      • This

        You have to be a troll to post this, no other explanation
        jpleace@...
        Reply Vote

      • @jpleace

        Physician: heal thyself
        Your Non Advocate
        Reply Vote

      • ummm no.

        If the fat person got a heart attack because he ate a big mac every day then yes he should not be surprised that it happened. If the cancer victim was hanging out in a radiated room without protective gear and the room had a big sign that said, put on your damn gear or get nuked then yes.

        You took the OP's theory and made this HUGE leap to the absurd.
        rengek
        Reply Vote

  • How?

    Couldn't you please start at the beginning? What does an Android user do to fall victim to this malware?
    wendy1john32@...
    Reply Vote

    • They carelessly use their...

      ...Android smart device like an iDevice owner; not knowing they are using a mobile platform with a malicious ecosystem :|
      MrElectrifyer
      Reply Vote

      • At this point you have won!!!

        The idiot fanboy of the thread award, congratulations.
        non-biased
        Reply Vote

  • Not a word about where people got it from ....

    ... probably meaning that it was distributed via the Goggle Marketplace (like most of the Android malware).
    wackoae
    Reply Vote

  • Secure

    Why only on Android?
    Informative
    Reply Vote

    • Because of irresponsibility

      'nuff said.
      MrElectrifyer
      Reply Vote

  • more info

    would've been nice. Neither ZDNet or NQ Mobile state where the infectious product is coming from. I suspect it is from sideloading by persons that think they are smarter than they are. It'd be really interesting to know just how widespread this is too.
    88Fan
    Reply Vote

    • While I agree

      I do have to point out that if this was about an app on iOS then we would be told it doesn't matter if is was one jailbroken phone, bad Apple.
      non-biased
      Reply Vote

  • NQ Mobile Security app

    not really free, no current virus signatures. must pay for updates
    Jaytmoon
    Reply Vote

  • slow news day

    *yawn
    Scarface Claw
    Reply Vote

  • why not use another email client?

    i find gmail a nuisance, automatically purges mails, synchs mails...i use a different mail client - free as well - and am happy with that.
    msuesli@...
    Reply Vote
CNET Join | Log In | Privacy | Cookies Close