Geinimi Android Trojan appears in China ready to steal your

nvkhkhr


Android is spreading like wildfire. In 2011 it’s going to become common on tablets as well as the millions of new phones that ship with it every month. With that popularity also comes the threat of hackers taking notice and targeting the platform.
It looks as though that is already happening with a new Trojan for Android appearing in China called Geinimi. It is spreading via third-party Android app networks as part of apps that have been repackaged, but look like other popular apps. Most of these apps are games with examples given including:

  • Monkey Jump 2
  • Sex Positions
  • President vs. Aliens
  • City Defense
  • Baseball Superstars 2010
The official versions of these games on the Android Market are fine; it's the repackaged versions on third-party networks that carry the Trojan and need to be avoided.

The Geinimi version of these apps requires the user to allow much deeper access permissions. In return Geinimi gains control over the phone and then regularly connects to a remote server without the user's knowledge. The end result is that any and all data on the phone can be stolen and used by the person or group in control of the remote server.
The good news is Geinimi has only been seen in China so far, and only in apps on third-party networks. No instances of this Trojan appearing on the Android Market have been found, but who knows how long it will take for that to be attempted?
Lookout Mobile Security, who identified the threat, is still looking into what Geinimi can do. This is what they have found it can do so far:

  • Send location coordinates (fine location)
  • Send device identifiers (IMEI and IMSI)
  • Download and prompt the user to install an app
  • Prompt the user to uninstall an app
  • Enumerate and send a list of installed apps to the server
Lookout also points out that this is the most advanced Trojan they have seen yet for Android, even if the security company found it quite obvious to spot.
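
Since the repackaged builds ask for deeper permissions than the official ones, comparing the two manifests is a quick triage check. The sketch below is an added example, not part of the original post or Lookout's tooling: it assumes both `AndroidManifest.xml` files have already been decoded to text XML, and the package name, the sample permission sets and the permission-to-behaviour mapping are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Permissions tied to behaviours the article lists (this mapping is the example's assumption).
SENSITIVE = {
    "android.permission.ACCESS_FINE_LOCATION": "send location coordinates (fine location)",
    "android.permission.READ_PHONE_STATE": "send device identifiers (IMEI and IMSI)",
    "android.permission.INTERNET": "connect to a remote server",
}

def permissions(manifest_xml):
    """Return the set of permission names requested in a decoded manifest."""
    root = ET.fromstring(manifest_xml)
    return {
        el.get(ANDROID_NS + "name")
        for el in root.iter("uses-permission")
        if el.get(ANDROID_NS + "name")
    }

def added_permissions(official_xml, candidate_xml):
    """Permissions the candidate build requests that the official build does not."""
    return sorted(permissions(candidate_xml) - permissions(official_xml))

def review(official_xml, candidate_xml):
    """Map each added permission to the behaviour it enables, or 'unclassified'."""
    added = added_permissions(official_xml, candidate_xml)
    return {p: SENSITIVE.get(p, "unclassified") for p in added}

def _manifest(package, perms):
    # Builds a constructed sample manifest; not taken from any real app.
    head = '<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="%s">' % package
    body = ['  <uses-permission android:name="android.permission.%s"/>' % p for p in perms]
    return "\n".join([head] + body + ["</manifest>"])

# Constructed inputs: an "official" game and a copy from a third-party market.
OFFICIAL = _manifest("com.example.game", ["INTERNET", "VIBRATE"])
REPACKAGED = _manifest("com.example.game", [
    "INTERNET", "VIBRATE", "ACCESS_FINE_LOCATION", "READ_PHONE_STATE", "READ_CONTACTS",
])

if __name__ == "__main__":
    for perm, why in review(OFFICIAL, REPACKAGED).items():
        print(perm, "->", why)
```

A permission that appears only in the third-party copy is a reason to inspect that build further, not proof of infection on its own.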
 