Source:
MSNBCAccording to researchers at CA Technologies, this latest Android security threat is significantly more advanced than previously seen Trojans — which merely snooped on text-based details such as call duration or incoming/outgoing call logs — and takes steps to record and build an archive of your actual phone conversations.
The malware basically cajoles users into allowing it to be installed by behaving like a legit Android app, creates a "configuration" file for itself so that it can operate properly, and then starts spying on you the instant you make an outgoing call.
Phone calls are recorded as AMR files — AMR is a file format frequently used for storing spoken audio — and placed directly onto your device's SD card into a freshly created directory called "shangzhou/callrecord." There aren't details regarding what happens once the audio files are saved. The folks at CA Technologies don't elaborate on whether the malware attempts to send the recording anywhere, but it wouldn't be surprising if this was a "feature" built into this or future versions of the Trojan.
The creepy speculation aside, what can you do to protect yourself and keep your phone from spying on you? Not too much beyond what you should already be doing: Following the advice of good ol' Mad-Eye Moody of Harry Potter fame and staying "always vigilant!"
Read more:
http://technolog.msnbc.msn.com/_news/2011/08/02/7230825-creepy-android-malware-records-your-phone-calls