Based on information from virus researchers at BitDefender, here's how the tools work.
When any of the apps is loaded on a victim's phone, they can be activated remotely by a cyber thief. Once activated, it sends a five digit pass code to the phone's intruder and secretly uploads the device's contacts, messages, recent calls, and browser history into the developer's space in the Android Cloud. After copying the data from the phone, the apps uninstall themselves so a target won't know they were even on their mobile...
This latest attack on Android phones is just one of many this year. In fact, the phones are seen as a ripe target for mobile miscreants. According to a report released by a cybersecurity software maker in August, attacks on Android by malware writers jumped 76 percent over the previous three months, making it the most assaulted mobile operating system on the planet.
Some of that malware has been devilishly clever. For example, a bad app called Soundminer listens to conversations on an Android phone and is able to recognize when a credit card is spoken. After identifying such a number, it snips it from the conversation it has been recording and sends it to a Web baddie. (more) (further advice)
