Anyone using a smartphone operating Google’s Android platform are being warned of a new type of trojan called Geinimi. According to Lookout Mobile Security on their company blog, this code is being grafted onto existing applications, mostly games, and being distributed in the Chinese market. The trojan was first seen in China and thought to originate there.
This malware has the ability to collect information and send it back to a central server. The code is thought to be able to receive commands from a remote server and act on those commands giving it bot-like capabilities and allowing the remote server to control the phone. Though not yet fully understood, Lookout Mobile says the code has been seen to communicate with a live server and transmit device data. They also have evidence of the following capabilities:
· Send location coordinates (fine location)
· Send device identifiers (IMEI and IMSI)
· Download and prompt the user to install an app
· Prompt the user to uninstall an app
· Enumerate and send a list of installed apps to the server
Lookout Mobile is warning against games sold through third-party Chinese app stores and has specifically mentioned the following games:
· Monkey Jump 2
· Sex Positions
· President vs. Aliens
· City Defence
· Baseball Superstars 2010
The company warns all users to purchase applications only from trusted sources.
Click HERE to read more from William Belle