Geinimi Trojan targeting Android

The Lookout firm specializing in the security of mobile devices, has spotted a new Trojan targeting smartphones in China on Android.

Called Geinimi it would behave in the manner of a botnet receiving execution commands from a dozen remote servers. This malware hide in legitimate applications from the Android Market re-compiled – like games – and distributed directories third in China.

Geinimi would be able to recover more data and connect to remote servers. For example it is capable of exploiting the GPS chip and return the location to send the ID of the phone IMEI, download and request the installation of an application to request the removal of a component or yet to return a list of applications installed on the smartphone. Still, to install a title that is not part of the official Android Market, the mobinaute will still have to configure an authorization within the parameters of the mobile. Moreover, the process takes several confirmations to the user.

Communication with servers and data transfer would be made every five minutes. Experts believe it could be that Geinimi is the result of a network of malicious advertisements. Among the games distributed pox on Chinese websites include: Monkey Jump 2, President vs. Aliens, City Defense or Baseball Superstars 2010.


Please enter your comment!
Please enter your name here