This new Android malware disguises itself as the Google+ app, using the same icon and being listed under the name of Google++. This piece of malware is in fact a variant of ANDROIDOS_NICKISPY.A, a serious Android spyware that can eavesdrop on unsuspecting users.

TrendLabs, which was responsible for identifying this malware, claims that this form of malware is capable of recording all kinds of sensitive information, ranging from full-fledged audio calls to text messages and call logs. If that wasn’t enough, the tracked data is then sent off to a remote server, all in the background.


ANDROIDOS_NICKISPY.C is capable of collecting data such as text messages, call logs, and GPS location from infected devices, which it then uploads to a certain URL through port 2018.

Like other ANDROIDOS_NICKISPY variants, ANDROIDOS_NICKISPY.C also has the capability to record phone calls made from infected devices.
More than just recording calls voluntarily carried out by users, this new form of malware also has the ability to automatically answer incoming calls in the background, which is rather scary. Calls are answered without the user’s consent: in fact, this malware puts the phone in silent mode and displays the standard home screen.

Like other ANDROIDOS_NICKISPY variants, ANDROIDOS_NICKISPY.C also has the capability to record phone calls made from infected devices. What makes this particular variant different is that it has the capability to automatically answer incoming calls.
If you suspect you’re infected with this malware, be sure to remove it immediately by uninstalling Google++, much like you’d uninstall any other Android app.

Source- redmondpie