The Lookout Mobile Securityfirm is warning everyone about a new and sophisticated Android-focused piece of malware stemming from China. The security company is warning everyone about a trojan dubbed Geinimi, which can “compromise a significant amount of personal data on a user’s phone and send it to remote servers.” The malicious code is, currently, only found in third-party application stores attached to republished versions of legitimate applications. It’s something to take note of because many people use third-party app stores to get unofficial apps or tweaks to their devices. “Geinimi is the first Android malware in the wild that displays botnet-like capabilities,” reads the post on the company’s blog. “Once the malware is installed on a user’s phone, it has the potential to receive commands from a remote server that allow the owner of that server to control the phone.”
After installation, all the compromised applications containing Geinimi’s payload will prompt users to grant the app far more permissions than the original application. The company notes that the trojan can relay IMEI, IMSI, and location information to remote servers as well as prompt users to install additional applications on their device. As of right now, Geinimi is only known to be found on third-party app stores in China, so there isn’t any need to start worrying right away. Everyone in other parts of the world are known to be safe at the moment. It is surprising to see that such is the brave new world of mobile devices.
[Souce: Mobilized]
Authors: TechHead