Computer scientists have devised an attack that logs phone numbers, Social Security IDs, and personal identification numbers entered into smartphones by monitoring the devices’ integrated motion sensors.
TapLogger, as their proof-of-concept application for phones running Google’s Android operating system is called, masquerades as a benign game that challenges the end user to identify identical icons from a collection of similar-looking images. In the background, the trojan monitors readings returned by the phone’s built-in accelerometer, gyroscope, and orientation sensors to infer phone numbers and other digits entered into the device. This then surreptitiously uploads them to a computer under the control of the attackers.
See the original article here:
Android trojan steals keystrokes using phone movements (Updated)