The disclosure of potentially serious malware affecting Android smartphones seemed to be tempered on Wednesday, with two security firms at odds over its threat to users. What's saving everyone from a Trojan that can record phone calls and apparently send them to a remote server? Hardware fragmentation.
CA had warned on Tuesday of the potential threat from this phone call recording app. That firm's findings caused Symantec researcher Irfan Asrar to take a second look.
The application is called Speech Recorder, and was being marketed as a way to track a possibly wayward significant other who the user may suspect of cheating. In CA's own writing on the subject, this important caveat had not been listed, likely leading to the media frenzy on the possible ramifications of what it could do.
Asrar said that Symantec could find no evidence that the application was actually uploading any of the files to a remote server. "Due to the fact that not all Android hardware works the same way, we have found that if used on a real phone, as opposed to an emulator, the results can be quite different," he wrote in a blog post.
In testing, researchers found the application to be quite unstable, often crashing and ending calls abruptly. Only one device managed to run the application smoothly, Asrar reported.
Although in this case the threat may have been overblown, Asrar admitted the potential threat of applications like this should not be minimized. "I offer the following suggestion: if you find yourself to be in need of such an application, take the direct route and talk to your significant other instead," he quipped.
CA could not immediately be reached for comment on its competitor's findings.
