APP-41 · Mobile Threat Catalogue
Archived: 2026-04-05 19:27:05 UTC
Mobile Threat Catalogue
Recording Audio by Placing or Answering Phone Calls
Contribute
Threat Category: Malicious or privacy-invasive application
ID: APP-41
Threat Description: An attacker who can place or answer calls without the device user’s knowledge could
remotely record audio from within the vicinity of the device without directly accessing the device microphone.
Threat Origin
An investigation of Chrysaor Malware on Android 1
Exploit Examples
An investigation of Chrysaor Malware on Android 1
CVE Examples
Possible Countermeasures
Mobile Device User
To prevent data collection using the device microphone, install a protective cover over the device which reliably
blocks sound from being picked up when features requiring use of the microphone are not in use. Alternatively,
turn off the device or do not take it into areas in which audio collection is a main concern.
To reduce the potential for such an exploit for which a security patch is available, ensure OS security updates are
installed in a timely fashion.
Enterprise
To reduce the potential for such an exploit for which a security patch is available, ensure OS security updates are
installed in a timely fashion.
References
https://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-41.html
Page 1 of 2

Source: https://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-41.html
https://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-41.html
Page 2 of 2