‘Most Sophisticated’ Android Trojan Geinimi Surfaces In Chinese App Stores; Steals User Data

Google's Android operating system may be built on the Linux kernel, but that doesn't make it completely secure. Just when you thought that your Android-based smartphone was safe from malware, attackers have quietly introduced a new Trojan horse, Geinimi, that spreads on Android phones via games and other apps. Kevin Mahaffey, CTO of Lookout Mobile Security, which develops mobile security software, said that Geinimi appears to be the first Trojan with botnet capabilities targeted at Android mobiles and can "zombify" your Android device!


How Does Trojan Geinimi Infect Android Smartphones?

A server can tell the Trojan what to do, which makes it more advanced and sophisticated than other Android malware we've seen so far. The mobile Trojan has been found in apps that were infected, repackaged to look like legitimate apps, and uploaded to Chinese third-party Android app stores. Infections have been found in games like "Monkey Jump 2," "S3x Positions," "President vs. Aliens," "City Defense," and "Baseball Superstars 2010."

What does this new Trojan, Geinimi, do? Not so much, for now, but it apparently has considerable potential to become a problem later on. Geinimi latches onto applications distributed through portals outside Google's Market, expands the range of permissions that the application asks for (since few users so much as glance at those) and then sends the extra information it has gathered to an unknown destination.

Though it is not that active right now, security firm Lookout speculates that it may be building a botnet, which, considering how many Android phones are out there, is the tiniest bit scary. Moreover, it can send your location, device identifiers (IMEI and IMSI) and a list of installed apps to a third party. It can also download an app and prompt the user to install it.

How to Detect And Prevent Mobile Phone Trojans?

– One quick and dirty method for detecting mobile Trojans is to learn which permissions the app is supposed to need and compare them to what the downloaded app is actually asking for. For instance, if the app's description only lists requests for age and gender, a red flag should go up if your downloaded app suddenly asks for your home address, too.

– Users should also be aware of any unusual activity on a smartphone. Signs of a Trojan include unusual phone behavior, the sending of SMS messages to unknown numbers, and calls being made without you placing them.

– People should treat their smartphones with the same level of caution and awareness as they do their PCs.

– Users should also consider the developer of an application, and look at ratings and user reviews.

– Though the Trojan spreads only through third-party Chinese app stores, all Android phone users should resist downloading apps from untrusted sources. Always read the permissions an app requests and allow only the ones it needs.

– In case of any unusual behavior, install an Android mobile security app and have the device checked.
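The permission comparison from the first tip can be automated when a known-good copy of the app is available. The following is an added example, not code from Lookout or from the original article. It assumes both manifests have already been decoded to text XML, and the sample manifests, the package name and the choice of "sensitive" permissions are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Chosen for this example: permissions gating the behaviours the article
# lists (location, IMEI/IMSI, SMS, calls). Not a list published by Lookout.
SENSITIVE = {
    "android.permission.ACCESS_FINE_LOCATION": "precise location",
    "android.permission.ACCESS_COARSE_LOCATION": "approximate location",
    "android.permission.READ_PHONE_STATE": "device identifiers (IMEI/IMSI)",
    "android.permission.SEND_SMS": "sending SMS",
    "android.permission.CALL_PHONE": "placing calls",
}

# Constructed sample manifests (decoded text XML); the package name is made up.
REFERENCE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.game">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.VIBRATE"/>
</manifest>"""

REPACKAGED = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.game">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.VIBRATE"/>
  <uses-permission android:name="android.permission.WAKE_LOCK"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
</manifest>"""

def requested_permissions(manifest_xml):
    """Return the set of permission names a decoded manifest declares."""
    # A manifest from an untrusted APK is untrusted XML; a hardened parser
    # such as defusedxml is the safer choice outside of this sample.
    root = ET.fromstring(manifest_xml)
    names = (e.get(ANDROID_NS + "name") for e in root.iter("uses-permission"))
    return {n.strip() for n in names if n}

def review(reference_xml, candidate_xml):
    """List permissions the candidate requests beyond the known-good build."""
    added = requested_permissions(candidate_xml) - requested_permissions(reference_xml)
    return {
        "added": sorted(added),
        "sensitive": {p: SENSITIVE[p] for p in sorted(added) if p in SENSITIVE},
    }

if __name__ == "__main__":
    print(review(REFERENCE, REPACKAGED))
```

Any entry under "sensitive" for an app that is supposed to be identical to the reference build is the red flag the tip describes.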

You can install Geinimi on your Android device only if you install an infected app, and Lookout reports it only saw those in third-party Chinese app stores. Most users download apps from the official Android market, which is a much safer option; if you must install an app from a third-party store, make sure it’s safe before you do.
