As mentioned in a recent SA article, Android devices are being compared to the popularity of Windows at a rather inopportune time in the mobile industry’s evolution, making them targets for malicious malware attacks.  Now, Android is facing a grave situation as they now power over 50% of devices out in the market.  This over-saturation is gaining plenty of unwanted attention for Android security, exposing them to malware attacks all the more.

The most recent Android security threat is the trojan Golddream.A fiund by Prof.Xuxian Jiang, which makes infected phones vunerable by allowing phones calls to be made on the infected device without the owner’s knowledge.  Aside from this, the malware also records phone conversations and stores them in SD cards of said devices.

According to CA Technologies, the new Android Trojan works by downloading a payload to a smartphone that is triggered when a call is made. The app will record the conversation in “amr” format and save it to the SD card. Once the malware is downloaded it will drop a configuration file that has information on how to contact a remote server and the parameters or the app.

Once malware is on a device and communication with a command-and-control server, that malware can morph and grow as the server sends it more tasks and capabilities. What started as malware that had strange functionality permissions can turn into a device that is no longer controlled by its owner, in the same way that a PC malware can make a computer join a botnet.

Users are advised to be vigilant when downloading applications by checking the source of the application, download only from trusted sources and of course run antivirus software on your handheld device to make sure you are infected by any malwares.

So when an installation prompt halts your app download, better not push through with it or at least investigate the reason for the prompt.  These malware threats don’t just appear out of nowhere; they can only get in your device when you allow them to.  So again, be vigilant.