Sophisticated Android trojan discovered in China, warns security firm

Security firm Lookout Mobile Security is warning of a new, sophisticated piece of Android malware that has been found in China. The company warns that the trojan, dubbed Geinimi, can “compromise a significant amount of personal data on a user’s phone and send it to remote servers.” The malicious code is currently found only in third-party application stores, attached to republished versions of legitimate applications.

“Geinimi is the first Android malware in the wild that displays botnet-like capabilities,” reads the post on the company’s blog. “Once the malware is installed on a user’s phone, it has the potential to receive commands from a remote server that allow the owner of that server to control the phone.”

Upon installation, compromised applications containing Geinimi’s payload will prompt users to grant the app far more permissions than the original application requests. The company notes that the trojan can relay IMEI, IMSI, and location information to remote servers, as well as prompt users to install additional applications.
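A defender-side check for the permission growth described above, as an added example that is not from Lookout or the original article: it diffs the permissions requested by a known-good copy of an app against a republished copy and flags the ones that gate IMEI/IMSI and location. The two manifests are constructed samples, and the function names are illustrative; real APK manifests are binary XML and are assumed to have been decoded to text first.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Permissions gating the data the article says Geinimi relays.
SENSITIVE = {
    "android.permission.READ_PHONE_STATE": "IMEI / IMSI",
    "android.permission.ACCESS_FINE_LOCATION": "location",
    "android.permission.ACCESS_COARSE_LOCATION": "location",
}

# Constructed sample manifests (decoded text form), not from any real app.
ORIGINAL_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.game">
  <uses-permission android:name="android.permission.INTERNET"/>
  <application android:label="Example Game"/>
</manifest>"""

REPUBLISHED_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.game">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
  <application android:label="Example Game"/>
</manifest>"""


def requested_permissions(manifest_xml):
    """Return the set of permission names declared via <uses-permission>."""
    root = ET.fromstring(manifest_xml)
    names = (el.get(ANDROID_NS + "name") for el in root.iter("uses-permission"))
    return {name for name in names if name}


def permission_drift(original_xml, candidate_xml):
    """Permissions the candidate requests that the original does not."""
    added = requested_permissions(candidate_xml) - requested_permissions(original_xml)
    return {
        "added": sorted(added),
        "sensitive": {p: SENSITIVE[p] for p in sorted(added) if p in SENSITIVE},
    }


if __name__ == "__main__":
    report = permission_drift(ORIGINAL_MANIFEST, REPUBLISHED_MANIFEST)
    for perm in report["added"]:
        reason = report["sensitive"].get(perm)
        print(perm, "-> exposes " + reason if reason else "")
```

Any non-empty `added` list for a copy obtained outside the original publisher's channel is a reason to treat the package as modified; the `sensitive` entries show which additions map to the data named in the article.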

Again, Geinimi is only known to be found on third-party app stores in China, so there is no need to set your personal DEFCON level any lower than 4. All those here in good ol’ North America are safe for the time being, but such is the brave new world of mobile devices.

[Via Mobilized]

24 Comments
  • Anonymous

    Droid does. Welcome to the open World.

    • http://twitter.com/atlharry Harold Min

      Cydia anyone? No one is safe once hackers set their sights. The ability to jailbreak iOS is BASED on exploits (same as rooting), so don’t act like this is going to be an Android only issue.

      • Goofan (aka Apple Hater)

        Don’t pay attention to keymaker my dear fellow Goofan (aka Apple Hater). He’s jealous because no one, just like on the macs, wants to write viruses and malicious code for the iOS because, guess what, no one sees any value on the 2 or 3 phones and ipads out there. Only the power of Android can attract the bad guys because of our POWER!!!!

      • Norm

        WAIT WAIT WAIT! Are you telling me that you can root iOS? I thought it was NOT open source? I thought it was locked from any manipulation? Is that what jailbreaking is? OMFG…… Let me guess, you can add un-approved apps, settings, themes, customize at will, and have root access to the file system? I thought only DROID did that? Granted, DROID don’t come instantly rooted, you only have to download an application to your desktop to root them…I’m sure it’s much harded on the iCrap.

      • Norm

        harded = harder, don’t = doesn’t……my bad….DROID autocorrect. DROID DOES everything except grammar………

      • Goofan (aka Apple Hater)

        Don’t worry buddy! We understand… We get so emotional that it’s hard to control ourselves and we type so quickly that these (this) little mistakes happen. So, I forgive you brother!

  • Norm

    Nothing to see here. VZW DROIDs have nothing to worry about. The DROID OS running on all VZW DROIDs has special software to protect all DROID owners from malicious attacks from the outside (likely, Steve Jobs and Co.). DROID OS is open source, but that doesn’t mean it’s EVER unstable or vulnerable. DROID is the most secure and stable OS of them all. Just like at iOS and all of its viruses and privacy breaches…there is good reason crApple is in the red and laying off thousands in Cupertino.

    • Goofan (aka Apple Hater)

      That’s why I sleep soundly. I know Google will ALWAYS take care of me. And all they ask for is MY PERSONAL INFORMATION and HABITS AND THAT OF MY FAMILY. That’s it! For that, they will always take care of us and not charge us ONE PENNY! How’s that for an amazing company? An amazing man, a God, Eric Schmidt! I, I, I can’t, my eyes get watery thinking about him in his cute little glasses. And then I get pissed when I think about his nemesis, the devil himself, JOBS! I cringe at the sound!

      • Chris

        Would you say it’s closer to ten or a dozen times a week that you, Norm and Donny get together to fondle each other’s balls?

      • Goofan (aka Apple Hater)

        You should know Chrissy, it’s whenever you are not sucking the 3 of us at the same time.

  • Securitywiz

    There are already wallpapers that steal your information; just be careful of any type of app or game you install.

  • Anonymous

    You have to be really, really dumb to download this. No one should download something as suspicious as this.

    • Mgl323

      Unless it’s porn.

      • Tombobtim

        C’mon, if you’re going to use racial slurs at get it right. Koreans = Gooks. Chinese = Chinks.

      • Tombobtim

        Oops, that was meant for Hhh, one post below. -_-

  • Hhh

    Fucking Gooks

    • nawt chawknees

      hey hey hey… i take offense. its not every gook, just the chinese. buncha fuckups

  • Anonymous

    Open is as open does.

  • http://twitter.com/j_nathaniel Jason

    Applications are already taking information they don’t need access to and sending it over the internet connection.

    • Anonymous

      Amen! Lookout is just trying to scare people into using/buying their product.

  • tvennon

    Ugh, iFan-boys are irritating. Uneducated Android users are even worse. Yes, this looks bad for Android. Is it a major issue? Certainly! But here’s the deal: Most developers that use ads in their free apps to generate revenue are also gathering up this type of device information for the ad companies that pay them to incorporate their ad kits into their applications. iPhones do it. Android does it. So, please, all of you retarded iPhone freaks that want to pile on Android, get your heads out of your asses. Android was the easiest target because of the nature of their Market. Rest assured, malware developers are coming for the iPhone RIGHT NOW. Here’s your problem, though: King Jobs WON’T ALLOW AN AV PRODUCT INTO HIS APP STORE. iPhone is going to be way behind the power curve when malware like this starts popping up all over the place…and there is not going to be a proven solution for the iPhone like there is for Android. Sucks to be you…

  • Subamos

    In the article at the Tech Journal (and others) it is claimed that the domains that the trojan attempts to contact are known.

    A quick solution to protect against this trojan is to add entries for each of the known domains in the hosts file. Then the trojan cannot “call home” and cannot transmit personal data.
