Geinimi Android Trojan appears in China ready to steal your data

first_imgAndroid is spreading like wildfire. In 2011 it’s going to become common on tablets as well as the millions of new phones that ship with it every month. With that popularity also comes the threat of hackers taking notice and targeting the platform.It looks as though that is already happening with a new Trojan for Android appearing in China called Geinimi. It is spreading via third-party Android app networks as part of apps that have been repackaged, but look like other popular apps. Most of these apps are games with examples given including:AdChoices广告Monkey Jump 2Sex Positions President vs. Aliens City Defense Baseball Superstars 2010The official versions of these games on the Android Market are fine, it’s the repackaged versions on third-party networks that carry the Trojan and need to be avoided.The Geinimi version of these apps requires the user allow much deeper access permissions. In return Geinimi gains control over the phone and then regularly connects to a remote server without a user’s knowledge. The end result is any and all data on the phone can be stolen and used by the person or group in control of the remote server.The good news is Geinimi has only been seen in China so far, and only in apps on third-party networks. No instances of this Trojan appearing on the Android Market have been found, but who knows how long it will take for that to be attempted?Lookout Mobile Security, who identified the threat, is still looking into what Geinimi can do. This is what they have found it can do so far:Send location coordinates (fine location)Send device identifiers (IMEI and IMSI)Download and prompt the user to install an appPrompt the user to uninstall an appEnumerate and send a list of installed apps to the serverLookout also points out this is the most advanced Trojan they have seen yet for Android even if it was quite obvious to spot by the security company.Read more at the Lookout blogMatthew’s OpinionThis is going to become an escalating problem for the most popular mobile operating systems. Android is especially vulnerable purely because it is becoming so popular and being used across a range of different types of device. It’s in the interests of hackers to target it as a platform.The underlying hardware is going to continue to get more powerful allowing background activities to run with no discernible impact on overall system performance. It’s also becoming easier to carry out transactions on your phone making for a security risk if we all start entering our credit card pins on a smartphone when paying for goods.Ultimately we could end up all having to run a security app permanently on our phones, or the Android team is going to have to offer up new security features to limit the potential damage caused by a Trojan.last_img

Leave a Reply

Your email address will not be published. Required fields are marked *