Geinimi Android Trojan appears in China ready to steal your

Quick Register
User Name:
Human Verification

Go Back   UNP > UNP Misc > Technology

UNP Register


Old 15-Jan-2011
Geinimi Android Trojan appears in China ready to steal your

Android is spreading like wildfire. In 2011 itís going to become common on tablets as well as the millions of new phones that ship with it every month. With that popularity also comes the threat of hackers taking notice and targeting the platform.
It looks as though that is already happening with a new Trojan for Android appearing in China called Geinimi. It is spreading via third-party Android app networks as part of apps that have been repackaged, but look like other popular apps. Most of these apps are games with examples given including:
  • Monkey Jump 2
  • Sex Positions
  • President vs. Aliens
  • City Defense
  • Baseball Superstars 2010
The official versions of these games on the Android Market are fine, itís the repackaged versions on third-party networks that carry the Trojan and need to be avoided.

The Geinimi version of these apps requires the user allow much deeper access permissions. In return Geinimi gains control over the phone and then regularly connects to a remote server without a userís knowledge. The end result is any and all data on the phone can be stolen and used by the person or group in control of the remote server.
The good news is Geinimi has only been seen in China so far, and only in apps on third-party networks. No instances of this Trojan appearing on the Android Market have been found, but who knows how long it will take for that to be attempted?
Lookout Mobile Security, who identified the threat, is still looking into what Geinimi can do. This is what they have found it can do so far:
  • Send location coordinates (fine location)
  • Send device identifiers (IMEI and IMSI)
  • Download and prompt the user to install an app
  • Prompt the user to uninstall an app
  • Enumerate and send a list of installed apps to the server
Lookout also points out this is the most advanced Trojan they have seen yet for Android even if it was quite obvious to spot by the security company.

Post New Thread  Reply

« Intel makes Sandy Bridge official: new Core series CPUs brin | Gigabyte reveals two new dual core netbooks, including Jolic »