Nickispy is a family of Trojan horse viruses that targets smartphones powered by the Android operating system. The most recent strain of Nickispy, Nickispy.C, masquerades as the Google+ (Google Plus) service in an attempt to dupe Android OS users into installing the malware. Nickispy.C attempts to trick users into installing a third-party app called Google++ (notice the use of two “plus” signs rather than one), and it even uses the same icon as the real Google+ service.
Users installing Google++ provide Nickispy with complete access to their smartphone’s text messages and call logs, and the malware can even record phone calls as well as GPS position history. Nickispy can additionally secretly answer calls on its own and send a user’s private information to a remote site without the user’s knowledge.
While many of Nickispy s malicious capabilities affect all Android smartphones, the malware’s ability to surreptitiously intercept calls only affects Android smartphones running version 2.2 or earlier. Smartphones running version 2.3 (“Gingerbread”) or later are protected from this as a result of the modify_phone_state permission being disabled.
