Sophisticated Android trojan discovered in China, warns security firm

Firm Lookout Mobile Security is warning of a new, sophisticated, Android-focused piece of malware that has been found in China. The security company warns that the trojan, dubbed Geinimi, can “compromise a significant amount of personal data on a user’s phone and send it to remote servers.” The malicious code is, currently, only found in third-party application stores attached to republished versions of legitimate applications.

“Geinimi is the first Android malware in the wild that displays botnet-like capabilities,” reads the post on the company’s blog. “Once the malware is installed on a user’s phone, it has the potential to receive commands from a remote server that allow the owner of that server to control the phone.”

Upon installation, compromised applications containing Geinimi’s payload will prompt users to grant the app far more permissions than the original application. The company notes that the trojan can relay IMEI, IMSI, and location information to remote servers as well as prompt users to install additional applications.

Again, Geinimi is only known to be found on third-party app stores in China, so there is no need to set your personal DEFCON level any lower than 4. All those here in good ol’ North America are safe for the time being, but such is the brave new world of mobile devices.

[Via Mobilized]

Read

blog comments powered by Disqus