Android users that are fans of Google+ need to be aware that a new malware app is circulating right now. Earlier this month I mentioned that Android users were twice as likely to get malware as they were six months ago. One of the reasons is apps like Google++ that looks like an official Google+ app and hides a malicious app inside.
The malicious app inside the fake Google offering is called ANDROIDOS_NICKISPY.C .The nefarious app can actually intercept and record your phone calls. The app loads at boot up and runs services that monitor messages, phone calls, and the user’s location. This allows the malware to steal all sorts of data from users.
The app sends the stolen data to a remote site where criminals can grab the data and try to use it to steal from you. The malware app was discovered by Trend Micro. If your phone is infected you can uninstall it via Settings – Applications – Manage applications, and then uninstall the Google++ app. Trend Micro gives this app a low risk rating.[via CNET]